diff --git a/build/terraform/e2e/gke-autopilot/module.tf b/build/terraform/e2e/gke-autopilot/module.tf index da24c3cd90..4aee19b828 100644 --- a/build/terraform/e2e/gke-autopilot/module.tf +++ b/build/terraform/e2e/gke-autopilot/module.tf @@ -50,4 +50,4 @@ module "gke_cluster" { } udpFirewall = false // firewall is created at the project module level -} \ No newline at end of file +} diff --git a/build/terraform/e2e/gke-standard/module.tf b/build/terraform/e2e/gke-standard/module.tf index 906a1a71df..930b1d9c37 100644 --- a/build/terraform/e2e/gke-standard/module.tf +++ b/build/terraform/e2e/gke-standard/module.tf @@ -64,4 +64,4 @@ module "gke_cluster" { } udpFirewall = false // firewall is created at the project module level -} \ No newline at end of file +} diff --git a/build/terraform/e2e/state-bucket/main.tf b/build/terraform/e2e/state-bucket/main.tf index 74d4171321..18fbe2065c 100644 --- a/build/terraform/e2e/state-bucket/main.tf +++ b/build/terraform/e2e/state-bucket/main.tf @@ -22,7 +22,7 @@ // tfstate, delete your local .terraform and .tfstate files. You may need to run // `sudo chown -R yourusername .` to be able to delete them. Then navigate to this directory and run // `terraform init`. Pull in the tfstate file from gcloud with -// `terraform import google_storage_bucket.default agones-images-e2e-infra-bucket-tfstate`. +// `terraform import google_storage_bucket.default ""-e2e-infra-bucket-tfstate`. // # GCS bucket for holding the Terraform state of the e2e Terraform config. diff --git a/build/terraform/upgrade/gke-autopilot/module.tf b/build/terraform/upgrade/gke-autopilot/module.tf new file mode 100644 index 0000000000..95f82f1fa7 --- /dev/null +++ b/build/terraform/upgrade/gke-autopilot/module.tf @@ -0,0 +1,53 @@ +// Copyright 2024 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply -var project="" + +terraform { + required_version = ">= 1.0.0" + required_providers { + google = { + source = "hashicorp/google" + version = "~> 4.25.0" + } + helm = { + source = "hashicorp/helm" + version = "~> 2.3" + } + } +} + +variable "project" {} +variable "kubernetesVersion" {} +variable "location" {} +variable "releaseChannel" {} + +module "gke_cluster" { + source = "../../../../install/terraform/modules/gke-autopilot" + + cluster = { + "name" = format("gke-autopilot-upgrade-test-cluster-%s", replace(var.kubernetesVersion, ".", "-")) + "project" = var.project + "location" = var.location + "releaseChannel" = var.releaseChannel + "kubernetesVersion" = var.kubernetesVersion + "deletionProtection" = false + "maintenanceExclusionStartTime" = timestamp() + "maintenanceExclusionEndTime" = timeadd(timestamp(), "2640h") # 110 days + } + + udpFirewall = false // firewall is created at the project module level +} diff --git a/build/terraform/upgrade/gke-standard/module.tf b/build/terraform/upgrade/gke-standard/module.tf new file mode 100644 index 0000000000..78e457ab2f --- /dev/null +++ b/build/terraform/upgrade/gke-standard/module.tf @@ -0,0 +1,67 @@ +// Copyright 2024 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply -var project="" + +terraform { + required_version = ">= 1.0.0" + required_providers { + google = { + source = "hashicorp/google" + version = "~> 4.25.0" + } + helm = { + source = "hashicorp/helm" + version = "~> 2.3" + } + } +} + +variable "project" {} +variable "kubernetesVersion" {} +variable "location" {} +variable "releaseChannel" {} + +variable "machineType" { + default = "e2-standard-4" +} + +variable "initialNodeCount" { + default = 4 +} + +variable "overrideName" { + default = "" +} + +module "gke_cluster" { + source = "../../../../install/terraform/modules/gke" + + cluster = { + "name" = var.overrideName != "" ? var.overrideName : format("standard-upgrade-test-cluster-%s", replace(var.kubernetesVersion, ".", "-")) + "location" = var.location + "releaseChannel" = var.releaseChannel + "machineType" = var.machineType + "initialNodeCount" = var.initialNodeCount + "enableImageStreaming" = true + "project" = var.project + "kubernetesVersion" = var.kubernetesVersion + "maintenanceExclusionStartTime" = timestamp() + "maintenanceExclusionEndTime" = timeadd(timestamp(), "2640h") # 110 days + } + + udpFirewall = false // firewall is created at the project module level +} diff --git a/build/terraform/upgrade/module.tf b/build/terraform/upgrade/module.tf new file mode 100644 index 0000000000..6fb0bc4232 --- /dev/null +++ b/build/terraform/upgrade/module.tf @@ -0,0 +1,109 @@ +// Copyright 2024 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform init -backend-config="bucket=-upgrade-infra-bucket-tfstate" -backend-config="prefix=terraform/state" +// terraform apply -var project="" + +terraform { + required_version = ">= 1.0.0" + required_providers { + google = { + source = "hashicorp/google" + version = "~> 4.25.0" + } + helm = { + source = "hashicorp/helm" + version = "~> 2.3" + } + } + backend "gcs" { + } +} + +variable "project" {} +variable "kubernetes_versions" { + description = "Create upgrade test clusters with these k8s versions in these regions" + type = map(list(string)) + default = { + "1.28" = ["us-west1", "RAPID"] + "1.29" = ["europe-west1", "RAPID"] + "1.30" = ["asia-east1", "RAPID"] + // "1.31" = ["us-east1", "RAPID"] + // + // Before merge: When adding Kubernetes version 1.{N}, first uncomment the line above, extending + // the infrastructure to 4 versions temporarily. Come back to these instructions after the + // update PR merges. + // + // After merge: After the Kubernetes update PR merges, and all active PRs are updated: + // + // * Move the 1.{N-3} line to the bottom and comment it out + // * Change the (commented out) 1.{N-3} to 1.{N+1} + // * You should now have 3 versions uncommented (versions 1.{N-2} .. 1.{N}), + // and 1.{N+1} commented out for the next update. The new, commented out 1.{N+1} + // should be using the region of the previous 1.{N-3} - this region will become + // unused. + // + // Rationale: We cycle the regions us-east1 -> us-west1 -> europe-west1 -> asia-east1 -> us-east1 + // as versions are added, using 4 regions so that the PR adding 1.{N} is in a unique region to + // 1.{N-3} .. 1.{N-1}, meaning versions never need to share a region in CI. + } +} + +module "gke_standard_cluster" { + for_each = var.kubernetes_versions + source = "./gke-standard" + project = var.project + kubernetesVersion = each.key + location = each.value[0] + releaseChannel = each.value[1] +} + +module "gke_autopilot_cluster" { + for_each = var.kubernetes_versions + source = "./gke-autopilot" + project = var.project + kubernetesVersion = each.key + location = each.value[0] + releaseChannel = each.value[1] +} + +resource "google_compute_firewall" "udp" { + name = "gke-game-server-firewall" + project = var.project + network = "default" + + allow { + protocol = "udp" + ports = ["7000-8000"] + } + + target_tags = ["game-server"] + source_ranges = ["0.0.0.0/0"] +} + +resource "google_compute_firewall" "tcp" { + name = "gke-game-server-firewall-tcp" + project = var.project + network = "default" + + allow { + protocol = "tcp" + ports = ["7000-8000"] + } + + target_tags = ["game-server"] + source_ranges = ["0.0.0.0/0"] +} diff --git a/build/terraform/upgrade/state-bucket/main.tf b/build/terraform/upgrade/state-bucket/main.tf new file mode 100644 index 0000000000..0234e30418 --- /dev/null +++ b/build/terraform/upgrade/state-bucket/main.tf @@ -0,0 +1,43 @@ +// Copyright 2024 Google LLC All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +// Run: +// terraform apply -var project="" + +// GCS bucket for holding the Terraform state of the upgrade test Terraform config. + +terraform { + required_version = ">= 1.0.0" + required_providers { + google = { + source = "hashicorp/google" + version = "~> 4.25.0" + } + } +} + +variable "project" {} + +resource "google_storage_bucket" "default" { + project = var.project + name = "${var.project}-upgrade-infra-bucket-tfstate" + force_destroy = false + uniform_bucket_level_access = true + location = "US" + storage_class = "STANDARD" + versioning { + enabled = true + } +}