Reaper Ingress file and output service account.

gcp/README.md

@@ -105,6 +105,23 @@ gcloud init
 
 If you created your Google cloud account newly, Google Compute Engine enforces quotas on resource usage for a variety of reasons. For example, quotas protect the community of Google Cloud users by preventing unforeseen spikes in usage, Google keep some soft limitations on the resources, you can always make a request to increase your quota limit. If you are planning to deploy k8ssandra cluster on GKE, you will need to make a request to increase your **Compute Engine API (backend services)** quota to `50` for the future use.
 
+### Backend
+  * Terraform uses persistent state data to keep track of the resources it manages. Since it needs the state in order to know which real-world infrastructure objects correspond to the resources in a configuration, everyone working with a given collection of infrastructure resources must be able to access the same state data.
+  * Terraform backend configuration: 
+  [Configuring your backend in aws gcs](https://www.terraform.io/docs/language/settings/backends/gcs.html)
+  * Terraform state
+  [How Terraform state works](https://www.terraform.io/docs/language/state/index.html)
+
+Sample template to configure your backend in gcs bucket:
+```
+  terraform {
+    backend "gcs" {
+      bucket = "<REPLACEME_bucket_name>"
+      prefix = "<REPLACEME_bucket_key>"
+    }
+  }
+``` 
+
 ### Tools
 
 * Access to an existing Google Cloud project as a owner or a developer.

gcp/env/README.md

@@ -52,7 +52,7 @@ module "iam" {
 ```
 
 ## vpc example module
-Usage: The following module call will create google compute network(VPC) and Gooogle Compute Subnet resources. Resources will be configured using the following input variables on this module. 
+Usage: The following module call will create google compute network(VPC) and Google Compute Subnet resources. Resources will be configured using the following input variables on this module. 
 
 ```
 # Module used for creating a google compute network.
@@ -82,32 +82,53 @@ module "gcs" {
 }
 
 ```
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.12 |
+| <a name="requirement_google"></a> [google](#requirement\_google) | ~> 3.0 |
+
 ## Providers
 
-|       NAME        |   Version  | 
-|-------------------|------------|
-| terraform version |   0.14     |
-| gcp provider      |   ~>3.0    |
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_gcs"></a> [gcs](#module\_gcs) | ../modules/gcs |  |
+| <a name="module_gke"></a> [gke](#module\_gke) | ../modules/gke |  |
+| <a name="module_iam"></a> [iam](#module\_iam) | ../modules/iam |  |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | ../modules/vpc |  |
+
+## Resources
+
+No resources.
 
 ## Inputs
 
-|       Name        |   Description  |  Type  |  Required    |
-|-------------------|----------------|--------|:------------:|
-| name |  Name of the cluster and prefix of the related resources names | `string` | yes |
-| environment | Environment of the infrastructure being buit | `string` | yes | 
-| project_id |  Id of the project which holds the components | `string` | yes |
-| region | the region to create the vpc network | `string` | yes |
-| k8s_namespace | The namespace to use for the deployment and workload identity binding | `string` | no |
-| zone | The zone in which to create the Kubernetes cluster. Must match the region | `string` | yes |
-| service_account_iam_roles | iam roles for the service account | `list` | yes |
-| service_account_custom_iam_roles | List of arbitrary additional IAM roles to attach to the service account on
-  the GKE nodes. | `list` | no |
-| project_services | The GCP APIs that should be enabled in this project. | `list` | yes |
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_environment"></a> [environment](#input\_environment) | The environment of the infrastructure being built. | `any` | n/a | yes |
+| <a name="input_k8s_namespace"></a> [k8s\_namespace](#input\_k8s\_namespace) | The namespace to use for the deployment and workload identity binding | `string` | `"default"` | no |
+| <a name="input_machine_type"></a> [machine\_type](#input\_machine\_type) | Type of machines which are used by cluster node pool | `string` | `"e2-highmem-8"` | no |
+| <a name="input_name"></a> [name](#input\_name) | Name of the cluster resources | `string` | `"k8ssandra"` | no |
+| <a name="input_project_id"></a> [project\_id](#input\_project\_id) | The GCP project in which the components are created. | `string` | `"k8ssandra-testing"` | no |
+| <a name="input_project_services"></a> [project\_services](#input\_project\_services) | The GCP APIs that should be enabled in this project. | `list(string)` | <pre>[<br>  "cloudresourcemanager.googleapis.com",<br>  "servicenetworking.googleapis.com",<br>  "container.googleapis.com",<br>  "compute.googleapis.com",<br>  "iam.googleapis.com",<br>  "logging.googleapis.com",<br>  "monitoring.googleapis.com",<br>  "sqladmin.googleapis.com",<br>  "securetoken.googleapis.com"<br>]</pre> | no |
+| <a name="input_region"></a> [region](#input\_region) | The region in which to create the VPC network | `string` | `"us-central1"` | no |
+| <a name="input_service_account_custom_iam_roles"></a> [service\_account\_custom\_iam\_roles](#input\_service\_account\_custom\_iam\_roles) | List of arbitrary additional IAM roles to attach to the service account on<br>the GKE nodes. | `list(string)` | `[]` | no |
+| <a name="input_service_account_iam_roles"></a> [service\_account\_iam\_roles](#input\_service\_account\_iam\_roles) | List of the default IAM roles to attach to the service account on the GKE Nodes. | `list(string)` | <pre>[<br>  "roles/logging.logWriter",<br>  "roles/monitoring.metricWriter",<br>  "roles/monitoring.viewer",<br>  "roles/stackdriver.resourceMetadata.writer"<br>]</pre> | no |
+| <a name="input_zone"></a> [zone](#input\_zone) | The zone in which to create the Kubernetes cluster. Must match the region | `string` | `"us-central-1a"` | no |
 
 ## Outputs
 
-|    Name     |    description   | 
-|-------------|:----------------:|
-|   endpoint  | google container cluster endpoint |
-| master_version| google container cluster master version |
-| bucket_name | google storage bucket name |
+| Name | Description |
+|------|-------------|
+| <a name="output_bucket_name"></a> [bucket\_name](#output\_bucket\_name) | The name of the GCS bucket. |
+| <a name="output_connect_cluster"></a> [connect\_cluster](#output\_connect\_cluster) | Configuring GKE cluster access for kubectl |
+| <a name="output_endpoint"></a> [endpoint](#output\_endpoint) | Endpoint for the GKE cluster |
+| <a name="output_master_version"></a> [master\_version](#output\_master\_version) | Master version of GKE cluster |
+| <a name="output_service_account"></a> [service\_account](#output\_service\_account) | The E-mail id of the service account. |
+| <a name="output_service_account_key"></a> [service\_account\_key](#output\_service\_account\_key) | The service Account Key to configure Medusa backups to use GCS bucket |

gcp/env/dev.tf

@@ -28,6 +28,7 @@ module "gke" {
   name            = local.prefix
   region          = var.region
   project_id      = var.project_id
+  machine_type    = var.machine_type
   network_link    = module.vpc.network_selflink
   subnetwork_link = module.vpc.subnetwork_selflink
   service_account = module.iam.service_account

gcp/env/outputs.tf

@@ -16,16 +16,38 @@
 #------------------------------
 # Print GKE cluster endpoint.
 output "endpoint" {
-  value = module.gke.endpoint
+  description = "Endpoint for the GKE cluster"
+  value       = module.gke.endpoint
 }
 
 # Print GKE cluster version.
 output "master_version" {
-  value = module.gke.master_version
+  description = "Master version of GKE cluster"
+  value       = module.gke.master_version
 }
 
 # gcs module output attributes
 #-----------------------------
 output "bucket_name" {
-  value = module.gcs.bucket_name
+  description = "The name of the GCS bucket."
+  value       = module.gcs.bucket_name
+}
+
+# Google cloud service account
+#-----------------------------
+output "service_account" {
+  description = "The E-mail id of the service account."
+  value       = module.iam.service_account
+}
+
+output "service_account_key" {
+  description = "The service Account Key to configure Medusa backups to use GCS bucket"
+  value       = module.iam.service_account_key
+}
+
+# Configuring GKE cluster access for kubectl.
+#-----------------------
+output "connect_cluster" {
+  description = "Configuring GKE cluster access for kubectl"
+  value       = format("gcloud container clusters get-credentials %s --region %s --project %s", module.gke.cluster_name, var.region, var.project_id)
 }

gcp/env/variables.tf

@@ -45,6 +45,12 @@ variable "k8s_namespace" {
   default     = "default"
 }
 
+variable "machine_type" {
+  description = "Type of machines which are used by cluster node pool"
+  type        = string
+  default     = "e2-highmem-8"
+}
+
 variable "service_account_iam_roles" {
   type = list(string)
 

gcp/modules/gcs/README.md

@@ -1,36 +1,46 @@
 # Terraform google cloud storage module 
-This is a Dynamic modules in Terraform to create a GCS bucket and assign basic persmissions to the users.
-
+This is a Dynamic modules in Terraform to create a GCS bucket and assign basic permissions to the users.
 
 * main.tf : contains all the resources which will be created with `terraform apply` command. 
 * variables.tf : contains all variables required to create the resources.
 * outputs.tf : contains output attributes of the resources. 
 
-## google cloud resources created
-* google cloud storage bucket
-* google storage bucket iam member
+## Requirements
+
+No requirements.
 
 ## Providers
 
-|       NAME        |   Version  | 
-|-------------------|------------|
-| terraform version |   0.14     |
-| gcp provider      |   ~>3.0    |
+| Name | Version |
+|------|---------|
+| <a name="provider_google"></a> [google](#provider\_google) | 3.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [google_storage_bucket.storage_bucket](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket) | resource |
+| [google_storage_bucket_iam_member.storage_bucket_iam_member](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam_member) | resource |
 
 ## Inputs
 
-|       Name        |   Description  |  Type  |  Required    |
-|-------------------|----------------|--------|:------------:|
-| name |  name of the cluster and prefix of the related resources names | `string` | yes |
-| project_id |  Id of the project which holds the components | `string` | yes |
-| region | the region to create the vpc network | `string` | yes |
-| storage_class | Storage class for the gcs bucket | `string` | no |
-| bucket_policy_only | Enables Bucket Policy Only access to a bucket | `boolean` | no | 
-| role | Role of the google storage bucket iam member | `string` | no |
-| service_account | service account email address | `string` | yes |
-
-## Output
-
-|    Name     |    description   | 
-|-------------|:----------------:|
-| bucket_name | name of the google cloud storage bucket |
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_bucket_policy_only"></a> [bucket\_policy\_only](#input\_bucket\_policy\_only) | Enables Bucket Policy Only access to a bucket. | `bool` | `true` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | The environment of the infrastructure being built. | `string` | n/a | yes |
+| <a name="input_name"></a> [name](#input\_name) | Globally unique name of the bucket | `string` | n/a | yes |
+| <a name="input_project_id"></a> [project\_id](#input\_project\_id) | The ID of the project to create the bucket in. | `string` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | location of the bucket | `string` | n/a | yes |
+| <a name="input_role"></a> [role](#input\_role) | Role of the google storage bucket iam member | `string` | `"roles/storage.admin"` | no |
+| <a name="input_service_account"></a> [service\_account](#input\_service\_account) | service account email address | `string` | n/a | yes |
+| <a name="input_storage_class"></a> [storage\_class](#input\_storage\_class) | Storage class for the gcs bucket | `string` | `null` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_bucket_name"></a> [bucket\_name](#output\_bucket\_name) | name of the google cloud storage bucket |

gcp/modules/gke/README.md

@@ -5,33 +5,48 @@ This is a Dynamic module in terraform to create GKE cluster. This module will be
 * variables.tf : contains all the variables required to create the resources.
 * outputs.tf : prints output attributes of the resources.
 
+## Requirements
 
-## Google cloud resources created
-* GKE cluster
-* Cluster node pool
+No requirements.
 
 ## Providers
-|       NAME        |   Version  | 
-|-------------------|------------|
-| terraform version |   0.14     |
-| gcp provider      |   ~>3.0    |
+
+| Name | Version |
+|------|---------|
+| <a name="provider_google"></a> [google](#provider\_google) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [google_container_cluster.container_cluster](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource |
+| [google_container_node_pool.container_node_pool](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool) | resource |
 
 ## Inputs
 
-|       Name        |   Description  |  Type  |  Required    |
-|-------------------|----------------|--------|:------------:|
-| name |  name of the cluster and prefix of the related resources names | `string` | yes |
-| project_id |  Id of the project which holds the components | `string` | yes |
-| region | the region to create the vpc network | `string` | yes |
-| initial_node_count | initial node count | `string` | no |
-| mechine_type | type of gcp virtuval machine | `string` | no | 
-| network_link | network link | `string` | yes |
-| subnetwork_link | subnetwork_link | `string` | yes |
-| service_account | service account email | `string` | yes |
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_enable_private_endpoint"></a> [enable\_private\_endpoint](#input\_enable\_private\_endpoint) | (Beta) Whether the master's internal IP address is used as the cluster endpoint | `bool` | `false` | no |
+| <a name="input_enable_private_nodes"></a> [enable\_private\_nodes](#input\_enable\_private\_nodes) | (Beta) Whether nodes have internal IP addresses only | `bool` | `false` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | Name of the environment the infrastructure is being built. | `string` | n/a | yes |
+| <a name="input_initial_node_count"></a> [initial\_node\_count](#input\_initial\_node\_count) | n/a | `number` | `1` | no |
+| <a name="input_machine_type"></a> [machine\_type](#input\_machine\_type) | Type of machines which are used by cluster node pool | `string` | `"e2-highmem-8"` | no |
+| <a name="input_master_ipv4_cidr_block"></a> [master\_ipv4\_cidr\_block](#input\_master\_ipv4\_cidr\_block) | The IP range in CIDR notation (size must be /28) to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network. | `string` | `"10.0.0.0/28"` | no |
+| <a name="input_name"></a> [name](#input\_name) | Name of the cluster | `string` | n/a | yes |
+| <a name="input_network_link"></a> [network\_link](#input\_network\_link) | network link variable from vpc module outputs | `string` | `""` | no |
+| <a name="input_project_id"></a> [project\_id](#input\_project\_id) | The project ID where all resources will be launched. | `string` | n/a | yes |
+| <a name="input_region"></a> [region](#input\_region) | The location of the GKE cluster. | `string` | n/a | yes |
+| <a name="input_service_account"></a> [service\_account](#input\_service\_account) | The name of the custom service account used for the GKE cluster. This parameter is limited to a maximum of 28 characters | `string` | `""` | no |
+| <a name="input_subnetwork_link"></a> [subnetwork\_link](#input\_subnetwork\_link) | subnetwork link variable from vpc module outputs | `string` | `""` | no |
 
 ## Outputs
 
-|    Name     |    description   | 
-|-------------|:----------------:|
-|   endpoint  | google container cluster endpoint |
-| master_version| google container cluster master version |
+| Name | Description |
+|------|-------------|
+| <a name="output_cluster_name"></a> [cluster\_name](#output\_cluster\_name) | GKE cluster name |
+| <a name="output_endpoint"></a> [endpoint](#output\_endpoint) | End point of the google container cluster |
+| <a name="output_master_version"></a> [master\_version](#output\_master\_version) | Master version of Kubernetes cluster |

gcp/modules/gke/main.tf

@@ -73,7 +73,7 @@ resource "google_container_node_pool" "container_node_pool" {
   node_config {
     machine_type = var.machine_type
     preemptible  = true
-    tags         = ["http", "ssh", "rdp"]
+    tags         = ["http", "ssh"]
 
     metadata = {
       disable-legacy-endpoints = "true"

gcp/modules/gke/outputs.tf

@@ -14,10 +14,18 @@
 
 # End point of the google container cluster.
 output "endpoint" {
-  value = google_container_cluster.container_cluster.endpoint
+  description = "End point of the google container cluster"
+  value       = google_container_cluster.container_cluster.endpoint
 }
 
 # Master version of Kubernetes cluster.
 output "master_version" {
-  value = google_container_cluster.container_cluster.master_version
+  description = "Master version of Kubernetes cluster"
+  value       = google_container_cluster.container_cluster.master_version
+}
+
+# GKE cluster name.
+output "cluster_name" {
+  description = "GKE cluster name"
+  value       = google_container_cluster.container_cluster.name
 }

gcp/modules/gke/variables.tf

@@ -34,7 +34,7 @@ variable "initial_node_count" {
 variable "machine_type" {
   description = "Type of machines which are used by cluster node pool"
   type        = string
-  default     = "n1-standard-8"
+  default     = "e2-highmem-8"
 }
 
 variable "region" {