Enable spot instance (#79)

* Add spot instance support for bastions * Remove comments
FairwindsOps · Sep 11, 2023 · f0f7d42 · f0f7d42
1 parent 0f1c732
commit f0f7d42
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 15 deletions.
diff --git a/gcp/CHANGELOG.md b/gcp/CHANGELOG.md
@@ -1,25 +1,31 @@
 # Changelog
+
 All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [gcp-v1.0.1]
+
+- Enable compute vms to be set as either spot instances or standard instances
+
 ## [gcp-v1.0.0]
-* Introducting a breaking change by updating the terraform required_providers block to the format supported for terraform versions >=0.13
+
+- Introducting a breaking change by updating the terraform required_providers block to the format supported for terraform versions >=0.13
 
 ## [gcp-v0.1.3]
-* Update startup-script so that the upgrade command runs as an `at`. This is a bugfix in the situation that it upgrade `google-guest-agent` which would restart the startup-script and DNS Update + user creation will never happen.
+
+- Update startup-script so that the upgrade command runs as an `at`. This is a bugfix in the situation that it upgrade `google-guest-agent` which would restart the startup-script and DNS Update + user creation will never happen.
 
 ## [gcp-v0.1.2]
 
-* Update startup-script to not include a `dist-upgrade`
-* Change the default compute-image project to `ubuntu-os-cloud` for more up to date images
+- Update startup-script to not include a `dist-upgrade`
+- Change the default compute-image project to `ubuntu-os-cloud` for more up to date images
 
 ## [gcp-v0.1.1]
 
-* Fix GCP DNS registration script to remove old host records (#29)
+- Fix GCP DNS registration script to remove old host records (#29)
 
 ## [0.1.0]
 
 Initial release of the GCP bastion module.
-
diff --git a/gcp/inputs.tf b/gcp/inputs.tf
@@ -9,7 +9,7 @@ variable "region" {
 
 variable "availability_zones" {
   description = "The availability zones within $region where the Auto Scaling Group can place the bastion."
-  type        = list
+  type        = list(any)
 }
 
 variable "infrastructure_bucket" {
@@ -44,13 +44,13 @@ variable "remove_root_access" {
 }
 
 variable "additional_users" {
-  type        = list
+  type        = list(any)
   description = "Additional users to be created on the bastion. Specify users as a list of maps. See an example in the `example-usage` file. Required map keys are `login` (user name) and `authorized_keys`. Optional map keys are `gecos` (full name), `supplemental_groups` (comma-separated), and `shell`. The authorized_keys will be output to ~/.ssh/authorized_keys using printf - multiple keys can be specified by including \\n in the string."
   default     = []
 }
 
 variable "additional_external_users" {
-  type        = list
+  type        = list(any)
   description = "Additional users to be created on the bastion. Works the same as additional_users, but adds users via a separate systemd unit file. Specify users as a list of maps. See an example in the `example-usage` file. Required map keys are `login` (user name) and `authorized_keys`. Optional map keys are `gecos` (full name), `supplemental_groups` (comma-separated), and `shell`. The authorized_keys will be output to ~/.ssh/authorized_keys using printf - multiple keys can be specified by including \\n in the string."
   default     = []
 }
@@ -67,17 +67,17 @@ variable "machine_type" {
 
 variable "enable_secure_boot" {
   description = "Enables shielded instance secure boot which verifies the digital signature of all boot components, and halts the boot process if signature verification fails."
-  default = false
+  default     = false
 }
 
 variable "enable_confidential_compute" {
   description = "Defines whether the instance should have confidential compute enabled."
-  default = false
+  default     = false
 }
 
 variable "on_host_maintenance" {
   description = "Sets the scheduling.onHostMaintenance behavior. Must be either MIGRATE or TERMINATE"
-  default = "MIGRATE"
+  default     = "MIGRATE"
 }
 
 variable "dns_zone_name" {
@@ -112,3 +112,8 @@ variable "image_project" {
   default     = "ubuntu-os-cloud"
 }
 
+variable "vm_preemtible" {
+  type        = bool
+  description = "Boolean to set the VM to be preemptible. If true, the VM is set to SPOT. Otherwise defaults to Standard"
+  default     = false
+}
diff --git a/gcp/instance-template.tf b/gcp/instance-template.tf
@@ -32,10 +32,12 @@ resource "google_compute_instance_template" "bastion" {
   can_ip_forward       = false
 
   scheduling {
-    automatic_restart   = true
-    on_host_maintenance = var.on_host_maintenance
+    provisioning_model          = var.vm_preemtible ? "SPOT" : "STANDARD"
+    instance_termination_action = var.vm_preemtible ? "STOP" : null
+    preemptible                 = var.vm_preemtible ? true : false
+    automatic_restart           = var.vm_preemtible ? false : true
+    on_host_maintenance         = var.on_host_maintenance
   }
-
   disk {
     source_image = data.google_compute_image.ubuntu.self_link
     auto_delete  = true