diff --git a/azure/terraform/gitlab.tf b/azure/terraform/gitlab.tf index 5988b74..6145766 100644 --- a/azure/terraform/gitlab.tf +++ b/azure/terraform/gitlab.tf @@ -1,40 +1,42 @@ # create a kubernetes cluster for a given environment # and deploy a gitlab instance on it # The cluster is deployed in its own resource group # suffixed by the environment ####### # Production instance ####### module "gitlab-production" { - source = "./modules/gitlab" - name = "euwest-gitlab-production" - blob_storage_name = "swheuwestgitlabprod" #can only consist of lowercase letters and numbers, and must be between 3 and 24 characters long + source = "./modules/gitlab" + name = "euwest-gitlab-production" + blob_storage_name = "swheuwestgitlabprod" #can only consist of lowercase letters and numbers, and must be between 3 and 24 characters long + kubernetes_version = "1.22.15" } output "gitlab-production_aks_summary" { value = module.gitlab-production.aks_summary } output "gitlab-production_storage_summary" { value = module.gitlab-production.blob_storage_summary sensitive = true } ####### # Staging instance ####### module "gitlab-staging" { source = "./modules/gitlab" name = "euwest-gitlab-staging" blob_storage_name = "swheuwestgitlabstaging" + kubernetes_version = "1.22.15" } output "gitlab-staging_aks_summary" { value = module.gitlab-staging.aks_summary } output "gitlab-staging_storage_summary" { value = module.gitlab-staging.blob_storage_summary sensitive = true } diff --git a/azure/terraform/modules/gitlab/main.tf b/azure/terraform/modules/gitlab/main.tf index 83ed7cd..da64771 100644 --- a/azure/terraform/modules/gitlab/main.tf +++ b/azure/terraform/modules/gitlab/main.tf 
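Review bot: The exact patch release `"1.22.15"` is hard-coded twice, in `module "gitlab-production"` and in `module "gitlab-staging"`, with no comment saying who revisits it or when. A pinned patch version only picks up Kubernetes security fixes when someone edits this file, so the pin should be visible as a maintenance item. I would keep the value in one place, e.g. `locals { gitlab_kubernetes_version = "1.22.15" }`, and add a comment such as `# pinned for GitLab operator compatibility; re-check against the AKS supported-version list before each upgrade`. If staging is meant to trial a new version ahead of production, note that next to the staging value so the two diverge on purpose rather than by accident.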
@@ -1,55 +1,57 @@ resource "azurerm_resource_group" "gitlab_rg" { name = var.name location = var.location tags = { environment = "gitlab" } } # kubernetes cluster for compute and storage module "gitlab_aks_cluster" { source = "../kubernetes" cluster_name = var.name resource_group = var.name minimal_pool_count = 1 maximal_pool_count = 5 node_type = "Standard_B2ms" + kubernetes_version = var.kubernetes_version + depends_on = [ azurerm_resource_group.gitlab_rg ] } # Storage account for the assets -# git lfs / backups / artifacts / pages +# git lfs / backups / artifacts / pages # terraform states / registry / ... resource "azurerm_storage_account" "gitlab_storage" { name = var.blob_storage_name resource_group_name = var.name location = var.location account_tier = "Standard" account_replication_type = "LRS" blob_properties { delete_retention_policy { days = 7 } container_delete_retention_policy { days = 7 } } tags = { environment = "gitlab" } } resource "azurerm_storage_container" "gitlab_storage_container" { count = length(var.blob_storage_containers) name = var.blob_storage_containers[count.index] storage_account_name = azurerm_storage_account.gitlab_storage.name container_access_type = "private" } diff --git a/azure/terraform/modules/gitlab/variables.tf b/azure/terraform/modules/gitlab/variables.tf index 8d22888..62b54f9 100644 --- a/azure/terraform/modules/gitlab/variables.tf +++ b/azure/terraform/modules/gitlab/variables.tf 
@@ -1,24 +1,30 @@ variable "name" { description = "Name of the gitlab environment" type = string } variable "location" { description = "Name of the gitlab environment" type = string default = "westeurope" } variable "blob_storage_name" { description = "Blob storage name. lower case, only letters and numbers" type = string } variable "blob_storage_containers" { description = "Blob storage containers to create on the storage account" type = list(string) default = [ - "artifacts", "registry", "external-diffs", "lfs-objects", "uploads", + "artifacts", "registry", "external-diffs", "lfs-objects", "uploads", "packages", "dependency-proxy", "terraform", "pages", ] } + +variable "kubernetes_version" { + description = "The kubernetes version to use, must match https://docs.gitlab.com/operator/installation.html#kubernetes" + type = string + default = "1.22" +} diff --git a/azure/terraform/modules/kubernetes/main.tf b/azure/terraform/modules/kubernetes/main.tf index 993896d..a4efd3b 100644 --- a/azure/terraform/modules/kubernetes/main.tf +++ b/azure/terraform/modules/kubernetes/main.tf 
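Review bot: The new `variable "kubernetes_version"` defaults to `"1.22"`, while both callers in `gitlab.tf` pass `"1.22.15"` and the same variable in `modules/kubernetes/variables.tf` defaults to `null`, so three different values can reach the cluster depending on which layer omits the argument. Since this input decides which control-plane release runs, I would drop the default here to make it a required input, or align it with the kubernetes module. A `validation` block would also reject typos at plan time, with a condition like `can(regex("^[0-9]+\\.[0-9]+(\\.[0-9]+)?$", var.kubernetes_version))` and an error message naming the expected `major.minor[.patch]` form. Whether a bare `major.minor` alias is accepted depends on the azurerm provider and AKS API version in use, which this diff does not show.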
@@ -1,61 +1,63 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" { name = var.cluster_name resource_group_name = data.azurerm_resource_group.aks_rg.name location = data.azurerm_resource_group.aks_rg.location dns_prefix = var.cluster_name node_resource_group = "${var.cluster_name}-internal" + kubernetes_version = "${var.kubernetes_version}" + default_node_pool { name = "default" # node_count = 1 vm_size = var.node_type enable_auto_scaling = true max_count = var.maximal_pool_count min_count = var.minimal_pool_count # not supported for all vm types # os_disk_type = "Ephemeral" # experimental feature, not activable as we don't # have a subscription # kubelet_config { # container_log_max_size_mb = "1024" # } } identity { type = "SystemAssigned" } private_cluster_enabled = true network_profile { network_plugin = "kubenet" network_policy = "calico" load_balancer_sku = "standard" # needed to assign a private ip address } } resource "azurerm_private_endpoint" "aks_cluster_endpoint" { name = "${var.cluster_name}-endpoint" resource_group_name = data.azurerm_resource_group.aks_rg.name location = data.azurerm_resource_group.aks_rg.location subnet_id = data.azurerm_subnet.internal_subnet.id private_service_connection { name = "${var.cluster_name}-psc" is_manual_connection = false private_connection_resource_id = azurerm_kubernetes_cluster.aks_cluster.id subresource_names = ["management"] } } resource "azurerm_public_ip" "aks_cluster_public_ip" { count = var.public_ip_provisioning ? 1 : 0 name = "${var.cluster_name}_ip" resource_group_name = azurerm_kubernetes_cluster.aks_cluster.node_resource_group location = data.azurerm_resource_group.aks_rg.location allocation_method = "Static" sku = "Standard" zones = ["1", "2", "3"] } diff --git a/azure/terraform/modules/kubernetes/variables.tf b/azure/terraform/modules/kubernetes/variables.tf index 30c0e96..f527c41 100644 --- a/azure/terraform/modules/kubernetes/variables.tf +++ b/azure/terraform/modules/kubernetes/variables.tf 
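Review bot: The added `kubernetes_version = "${var.kubernetes_version}"` wraps a single reference in an interpolation-only template, which Terraform 0.12 and later flag as deprecated. Write it as `kubernetes_version = var.kubernetes_version`, matching the form the gitlab module uses to pass the value down. Nothing visible in this resource sets `orchestrator_version` on `default_node_pool` or an upgrade channel on the cluster, so with the control plane now pinned, patch upgrades of both control plane and nodes appear to be fully manual. A comment above the new argument saying so, for example `# pinned: bump deliberately, node pool follows the control plane`, would make that explicit; please confirm the node-pool behaviour against the provider version in use.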
@@ -1,46 +1,51 @@ variable "resource_group" { description = "Resource group name of the kubernetes cluster. Must already exist" type = string } variable "cluster_name" { description = "Name of the cluster, for example: euwest-gitlab-staging" type = string } variable "node_type" { description = "Type of vms in the default node pool" default = "Standard_B2ms" type = string } variable "minimal_pool_count" { description = "Minimal number of node in the default pool" type = number default = 1 } variable "maximal_pool_count" { description = "Minimal number of node in the default pool" type = number default = 5 } variable "internal_vnet" { description = "A vnet accessible from the VPN" type = string default = "swh-vnet" } variable "internal_vnet_rg" { description = "The resource group of the vnet accessible from the VPN" type = string default = "swh-resource" } variable "public_ip_provisioning" { description = "Should a public ip should be provisionned?" type = bool default = true } +variable "kubernetes_version" { + description = "The kubernetes version to use, must match https://docs.gitlab.com/operator/installation.html#kubernetes" + type = string + default = null +}
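Review bot: The description on the new `variable "kubernetes_version"` is copied from the gitlab module and tells users of this generic kubernetes module to match the GitLab operator documentation, while saying nothing about what the `null` default does. As I understand the provider, an unset version lets AKS choose its recommended release at creation time without later upgrading it, so the running version is then not recorded anywhere in the code; that is worth stating. I would reword it to something like `description = "Kubernetes version for the AKS control plane; null lets AKS pick its default at creation time. Callers with compatibility constraints should pin it."`. A blank line between the closing brace of `public_ip_provisioning` and the new block would also match the rest of the file.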