Merge pull request #55 from taylorludwig/feature/47-advanced-container-options

show how to use advanced container options with example

Author: aaron-lane

.kitchen.yml

@@ -40,6 +40,19 @@ suites:
         backend: local
         controls:
           - gce
+  - name: "instance_with_advanced_options"
+    driver:
+      name: "terraform"
+      command_timeout: 1800
+      root_module_directory: test/fixtures/instance_with_advanced_options
+    verifier:
+      name: terraform
+      color: false
+      systems:
+      - name: system
+        backend: local
+        controls:
+          - gce
   - name: "instance_with_attached_disk"
     driver:
       name: "terraform"

CHANGELOG.md

@@ -8,6 +8,10 @@ Extending the adopted spec, each change should have a link to its corresponding
 
 ## [Unreleased]
 
+### Added
+
+- Example for showing advanced container options [#55]
+
 ## [2.0.0] - 2019-12-13
 
 ### Added
@@ -88,6 +92,7 @@ Extending the adopted spec, each change should have a link to its corresponding
 [0.2.0]: https://github.com/terraform-google-modules/terraform-google-container-vm/compare/v0.1.1...v0.2.0
 [0.1.1]: https://github.com/terraform-google-modules/terraform-google-container-vm/compare/v0.1.0...v0.1.1
 
+[#55]: https://github.com/terraform-google-modules/terraform-google-container-vm/pull/55
 [#57]: https://github.com/terraform-google-modules/terraform-google-container-vm/pull/57
 [#54]: https://github.com/terraform-google-modules/terraform-google-container-vm/pull/54
 [#48]: https://github.com/terraform-google-modules/terraform-google-container-vm/pull/48

README.md

@@ -13,7 +13,7 @@ This module is meant for use with Terraform 0.12. If you need a Terraform 0.11.x
 ```hcl
 module "gce-container" {
   source = "github.com/terraform-google-modules/terraform-google-container-vm"
-  version = "0.1.0"
+  version = "2.0.0"
 
   container = {
     image="gcr.io/google-samples/hello-app:1.0"
@@ -95,6 +95,42 @@ Then perform the following commands on the root folder:
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
+## Container Options
+
+Advanced container options, as described [here](https://cloud.google.com/compute/docs/containers/configuring-options-to-run-containers), can be passed in as part of the `container` map.
+
+The `instance_with_advanced_options` example also demonstrates this.
+
+```hcl
+module "gce-advanced-container" {
+  source = "github.com/terraform-google-modules/terraform-google-container-vm"
+  version = "2.0.0"
+
+  container = {
+    image = "busybox"
+    command = [
+      "tail"
+    ]
+    args = [
+      "-f",
+      "/dev/null"
+    ]
+    securityContext = {
+      privileged : true
+    }
+    tty : true
+    env = [
+      {
+        name  = "EXAMPLE"
+        value = "VAR"
+      }
+    ]
+  }
+
+  restart_policy = "OnFailure"
+}
+```
+
 ## Requirements
 ### Terraform plugins
 - [Terraform](https://www.terraform.io/downloads.html) 0.10.x

examples/instance_with_advanced_options/.gitignore

@@ -0,0 +1,3 @@
+terraform.tfvars
+.terraform
+terraform.tfstate.d

examples/instance_with_advanced_options/README.md

@@ -0,0 +1,36 @@
+# Instance with Advanced Options
+
+This example illustrates how to deploy a container to a Google Compute Engine instance in GCP with advanced options.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| client\_email | Service account email address | string | `""` | no |
+| instance\_name | The desired name to assign to the deployed instance | string | `"container-vm-advanced-options"` | no |
+| project\_id | The project ID to deploy resources into | string | n/a | yes |
+| subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
+| subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
+| zone | The GCP zone to deploy instances into | string | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| container | The container metadata provided to the module |
+| instance\_name | The deployed instance name |
+| ipv4 | The public IP address of the deployed instance |
+| vm\_container\_label | The instance label containing container configuration |
+| volumes | The volume metadata provided to the module |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## Running
+
+To provision this example, run the following from within this directory:
+
+- `terraform init` to get plugins
+- `terraform plan` to dry-run the infrastructure changes
+- `terraform apply` to apply the infrastructure changes
+- `terraform destroy` to tear down the created infrastructure

examples/instance_with_advanced_options/main.tf

@@ -0,0 +1,85 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+provider "google" {
+}
+
+locals {
+  instance_name = format("%s-%s", var.instance_name, substr(md5(module.gce-advanced-container.container.image), 0, 8))
+}
+
+module "gce-advanced-container" {
+  source = "../../"
+
+  container = {
+    image = "busybox"
+    command = [
+      "tail"
+    ]
+    args = [
+      "-f",
+      "/dev/null"
+    ]
+    securityContext = {
+      privileged : true
+    }
+    tty : true
+    env = [
+      {
+        name  = "EXAMPLE"
+        value = "VAR"
+      }
+    ]
+  }
+
+  restart_policy = "OnFailure"
+}
+
+resource "google_compute_instance" "vm" {
+  project      = var.project_id
+  name         = local.instance_name
+  machine_type = "n1-standard-1"
+  zone         = var.zone
+
+  boot_disk {
+    initialize_params {
+      image = module.gce-advanced-container.source_image
+    }
+  }
+
+  network_interface {
+    subnetwork_project = var.subnetwork_project
+    subnetwork         = var.subnetwork
+    access_config {}
+  }
+
+  tags = ["container-vm-example"]
+
+  metadata = {
+    gce-container-declaration = module.gce-advanced-container.metadata_value
+  }
+
+  labels = {
+    container-vm = module.gce-advanced-container.vm_container_label
+  }
+
+  service_account {
+    email = var.client_email
+    scopes = [
+      "https://www.googleapis.com/auth/cloud-platform",
+    ]
+  }
+}

examples/instance_with_advanced_options/outputs.tf

@@ -0,0 +1,40 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "vm_container_label" {
+  description = "The instance label containing container configuration"
+  value       = module.gce-advanced-container.vm_container_label
+}
+
+output "container" {
+  description = "The container metadata provided to the module"
+  value       = module.gce-advanced-container.container
+}
+
+output "volumes" {
+  description = "The volume metadata provided to the module"
+  value       = module.gce-advanced-container.volumes
+}
+
+output "instance_name" {
+  description = "The deployed instance name"
+  value       = local.instance_name
+}
+
+output "ipv4" {
+  description = "The public IP address of the deployed instance"
+  value       = google_compute_instance.vm.network_interface.0.access_config.0.nat_ip
+}

examples/instance_with_advanced_options/variables.tf

@@ -0,0 +1,43 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  description = "The project ID to deploy resources into"
+}
+
+variable "subnetwork_project" {
+  description = "The project ID where the desired subnetwork is provisioned"
+}
+
+variable "subnetwork" {
+  description = "The name of the subnetwork to deploy instances into"
+}
+
+variable "instance_name" {
+  description = "The desired name to assign to the deployed instance"
+  default     = "container-vm-advanced-options"
+}
+
+variable "zone" {
+  description = "The GCP zone to deploy instances into"
+  type        = string
+}
+
+variable "client_email" {
+  description = "Service account email address"
+  type        = string
+  default     = ""
+}

examples/instance_with_attached_disk/README.md

@@ -14,11 +14,10 @@ This example illustrates how to deploy and expose a container to a Google Comput
 | instance\_name | The desired name to assign to the deployed instance | string | `"disk-instance-vm-test"` | no |
 | machine\_type | The GCP machine type to deploy | string | n/a | yes |
 | project\_id | The project ID to deploy resource into | string | n/a | yes |
-| region | The GCP region to deploy instances into | string | `"us-east4"` | no |
 | restart\_policy | The desired Docker restart policy for the deployed image | string | n/a | yes |
 | subnetwork | The name of the subnetwork to deploy instances into | string | n/a | yes |
 | subnetwork\_project | The project ID where the desired subnetwork is provisioned | string | n/a | yes |
-| zone | The GCP zone to deploy instances into | string | `"us-east4-b"` | no |
+| zone | The GCP zone to deploy instances into | string | n/a | yes |
 
 ## Outputs
 
@@ -29,11 +28,8 @@ This example illustrates how to deploy and expose a container to a Google Comput
 | http\_port | The port on which the HTTP service is exposed |
 | instance\_name | The deployed instance name |
 | ipv4 | The public IP address of the deployed instance |
-| project\_id | The project ID resources were deployed into |
-| region | The region the GCE instance was deployed into |
 | vm\_container\_label | The instance label containing container configuration |
 | volumes | The volume metadata provided to the module |
-| zone | The zone the GCE instance was deployed into |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 

examples/instance_with_attached_disk/main.tf

@@ -15,7 +15,6 @@
  */
 
 provider "google" {
-  region = var.region
 }
 
 locals {

examples/instance_with_attached_disk/outputs.tf

@@ -14,21 +14,6 @@
  * limitations under the License.
  */
 
-output "project_id" {
-  description = "The project ID resources were deployed into"
-  value       = var.project_id
-}
-
-output "region" {
-  description = "The region the GCE instance was deployed into"
-  value       = var.region
-}
-
-output "zone" {
-  description = "The zone the GCE instance was deployed into"
-  value       = var.zone
-}
-
 output "vm_container_label" {
   description = "The instance label containing container configuration"
   value       = module.gce-container.vm_container_label

examples/instance_with_attached_disk/variables.tf

@@ -47,14 +47,8 @@ variable "machine_type" {
   description = "The GCP machine type to deploy"
 }
 
-variable "region" {
-  description = "The GCP region to deploy instances into"
-  default     = "us-east4"
-}
-
 variable "zone" {
   description = "The GCP zone to deploy instances into"
-  default     = "us-east4-b"
 }
 
 variable "additional_metadata" {

examples/managed_instance_group/README.md

@@ -18,10 +18,10 @@ This example requires that some python libraries be installed, as outlined in `r
 | mig\_name | The desired name to assign to the deployed managed instance group | string | `"mig-test"` | no |
 | network | The GCP network | string | `"mig-net"` | no |
 | project\_id | The project ID to deploy resource into | string | n/a | yes |
-| region | The GCP region to deploy instances into | string | `"us-east4"` | no |
+| region | The GCP region to deploy instances into | string | n/a | yes |
 | service\_account |  | object | `<map>` | no |
 | subnetwork | The name of the subnetwork to deploy instances into | string | `"mig-subnet"` | no |
-| zone | The GCP zone to deploy instances into | string | `"us-east4-b"` | no |
+| zone | The GCP zone to deploy instances into | string | n/a | yes |
 
 ## Outputs
 
@@ -30,11 +30,8 @@ This example requires that some python libraries be installed, as outlined in `r
 | container | The container metadata provided to the module |
 | http\_address | The IP address on which the HTTP service is exposed |
 | http\_port | The port on which the HTTP service is exposed |
-| project\_id | The project ID resources were deployed into |
-| region | The region the GCE instance was deployed into |
 | vm\_container\_label | The instance label containing container configuration |
 | volumes | The volume metadata provided to the module |
-| zone | The zone the GCE instance was deployed into |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->