Variable convergence (#1)

* updating root module for convergence.

Signed-off-by: Erin Atkinson <[email protected]>

* update secondary module to plumb disk size.

Signed-off-by: Erin Atkinson <[email protected]>

* readme and output updates.

Signed-off-by: Erin Atkinson <[email protected]>

* organizing the vars and outputs.

Signed-off-by: Erin Atkinson <[email protected]>

README.md

@@ -4,7 +4,7 @@
 
 ## Description
 
-This module installs Terraform Enterprise HA BETA onto 1 or more gcp instances in DEMO mode. All data is stored on the instance(s) and is not preserved. 
+This module installs Terraform Enterprise HA BETA onto 1 or more gcp instances in DEMO mode. All data is stored on the instance(s) and is not preserved.
 
 An Ubuntu Bionic (18.04 LTS) image is chosen by default, but this config supports previous version of Ubuntu as well as Red Hat Enterprise Linux 7.2-7.7 (v8 is not supported.)
 
@@ -19,46 +19,46 @@ Please contact your Technical Account Manager for more information, and support
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| cert | Certificate file or gcp cert link | string | n/a | yes |
-| creds | Name of credential file | string | n/a | yes |
-| dnszone | Managed DNS Zone name | string | n/a | yes |
+| certificate | Path to Certificate file or GCP certificate link | string | n/a | yes |
+| credentials\_file | Path to credential file | string | n/a | yes |
+| dns\_zone | Managed DNS Zone name | string | n/a | yes |
 | domain | domain name | string | n/a | yes |
-| frontenddns | DNS name for load balancer | string | n/a | yes |
+| frontend\_dns | DNS name for load balancer | string | n/a | yes |
 | license\_file | License file | string | n/a | yes |
 | project | Name of the project to deploy into | string | n/a | yes |
-| publicip | the public IP for the load balancer to use | string | n/a | yes |
-| sslpolicy | SSL policy for the cert | string | n/a | yes |
+| public\_ip | the public IP for the load balancer to use | string | n/a | yes |
+| ssl\_policy | SSL policy for the cert | string | n/a | yes |
 | subnet | name of the subnet to install into | string | n/a | yes |
 | airgap\_installer\_url | URL to replicated's airgap installer package | string | `"https://install.terraform.io/installer/replicated-v5.tar.gz"` | no |
-| airgapurl | airgap url | string | `"none"` | no |
-| encpasswd | encryption password for the vault unseal key. save this! | string | `""` | no |
+| airgap\_package\_url | airgap url | string | `"none"` | no |
+| boot\_disk\_size | The size of the boot disk to use for the instances | string | `"40"` | no |
+| encryption\_password | encryption password for the vault unseal key. save this! | string | `""` | no |
 | external\_services | object store provider for external services. Allowed values: gcs | string | `""` | no |
 | gcs\_bucket | Name of the gcp storage bucket | string | `""` | no |
 | gcs\_credentials | Base64 encoded credentials json to access your gcp storage bucket. Run base64 -i <creds.json> -o <credsb64.json> and then copy the contents of the file into the variable | string | `""` | no |
 | gcs\_project | Project name where the bucket resides | string | `""` | no |
 | image\_family | The image family, choose from ubuntu-1604-lts, ubuntu-1804-lts, or rhel-7 | string | `"ubuntu-1804-lts"` | no |
-| install\_type | Switch to production for external services. Defaults to demo mode | string | `"poc"` | no |
-| pg\_dbname | Database name | string | `""` | no |
-| pg\_extra\_params | Extra connection parameters such as ssl=true | string | `""` | no |
-| pg\_netloc | Database connection url | string | `""` | no |
-| pg\_password | Base64 encoded database password | string | `""` | no |
-| pg\_user | Database username | string | `""` | no |
+| install\_type | Installation type, options are (poc or production). Switch to production for external services. | string | `"poc"` | no |
+| postgresql\_address | Database connection url | string | `""` | no |
+| postgresql\_database | Database name | string | `""` | no |
+| postgresql\_extra\_params | Extra connection parameters such as ssl=true | string | `""` | no |
+| postgresql\_password | Base64 encoded database password | string | `""` | no |
+| postgresql\_user | Database username | string | `""` | no |
 | primary\_count | Number of primary nodes to run, must be odd number | string | `"1"` | no |
+| primary\_hostname | hostname prefix | string | `"ptfe-primary"` | no |
 | primary\_machine\_type | Type of machine to use | string | `"n1-standard-4"` | no |
-| primaryhostname | hostname prefix | string | `"ptfe-primary"` | no |
 | region | The region to install into. | string | `"us-central1"` | no |
 | release\_sequence | Replicated release sequence | string | `"latest"` | no |
+| secondary\_count | Number of secondary nodes to run | string | `"0"` | no |
 | secondary\_machine\_type | Type of machine to use for secondary nodes, if unset, will default to primary_machine_type | string | `"n1-standard-4"` | no |
-| worker\_count | Number of secondary nodes to run | string | `"0"` | no |
 | zone | Preferred zone | string | `"us-central1-a"` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| primary\_public\_ip |  |
-| ptfe\_endpoint |  |
-| ptfe\_health\_check |  |
-| replicated\_console\_password |  |
-| replicated\_console\_url |  |
-
+| application\_endpoint | The URI to access the Terraform Enterprise Application. |
+| application\_health\_check | The URI for the Terraform Enterprise Application health check. |
+| installer\_dashboard\_password | The password to access the installer dashboard. |
+| installer\_dashboard\_url | The URL to access the installer dashboard. |
+| primary\_public\_ip | The Public IP for the load balancer to use. |

examples/root-example/README.md

@@ -1,60 +1,61 @@
-#Terraform Enterprise HA (Beta) Example
+# Terraform Enterprise HA (Beta) Example
 
 This example assumes you have already set up your gcp project with the required prereqs:
 
-	* VPC
-	* Subnet specifically for Terrafrom Enterprise
-	* Firewall rules as outlined [in the instructions](link_to_website_instructions)
-	* A valid certificate and ssl policy in gcp. (If you are not going to use a google managed ssl certificate, plesae [read the instructions here on what to comment out](link_to_instructions))
-	* An IP address and DNS entry for the front end load balancer
-	* A DNS Zone in gcp
-	* A license file provided by your Technical Account Manager
+* VPC
+* Subnet specifically for Terrafrom Enterprise
+* Firewall rules as outlined [in the instructions](link_to_website_instructions)
+* A valid certificate and ssl policy in gcp. (If you are not going to use a google managed ssl certificate, plesae [read the instructions here on what to comment out](link_to_instructions))
+* An IP address and DNS entry for the front end load balancer
+* A DNS Zone in gcp
+* A license file provided by your Technical Account Manager
 
 With this code you can either create a single instance, or a build a cluster:
 
 ![basic architecture diagram](tfeha_basic_diagram.jpg)
 
 ## Change to the example directory
 
-```
+```bash
 cd examples/root-example
 ```
 
 ## Install Terraform
 
 Install Terraform if it is not already installed (visit [terraform.io](https://terraform.io) for other distributions):
 
-```
+```bash
 ../terraform-install.sh
 ```
 
 ## Set the desired options in the module block
 
 You'll need to update the following settings to your set up:
 
-	* project: name of the project
-	* creds: json file name
-	* publicip: The IP address to attach to the load balancer
-	* domain: domain to use
-	* dnszone: the name of the dns zone in gcp
-	* cert: the api url of the google certficiate to use
-	* sslpolicy: name of the ssl policy to use
-	* subnet: subnet to deploy into (this should be reserved for tfe)
+* project: name of the project
+* creds: json file name
+* publicip: The IP address to attach to the load balancer
+* domain: domain to use
+* dnszone: the name of the dns zone in gcp
+* cert: the api url of the google certficiate to use
+* sslpolicy: name of the ssl policy to use
+* subnet: subnet to deploy into (this should be reserved for tfe)
 
- This example is set to spin up a single instance, but the `primary_count` and `worker_count` can be updated to build a cluster instead.  
+ This example is set to spin up a single instance, but the `primary_count` and `secondary_count` can be updated to build a cluster instead.  
 
 ## Run Terraform
-```
+
+```bash
 terraform init
 terraform apply
 ```
 
 ## Wait for the application to load
 
-The replicated console url will output along with the password. 
+The replicated console url will output along with the password.
 
 ![output](output_example.png)
 
-You can log into that dashboard at that url and wait for the application to be ready. This can take up to 30 minutes! Once complete use the `Open` link to set up the admin user and initial organization. 
+You can log into that dashboard at that url and wait for the application to be ready. This can take up to 30 minutes! Once complete use the `Open` link to set up the admin user and initial organization.
 
-![application started](app_started.png)
+![application started](app_started.png)

examples/root-example/main.tf

@@ -3,30 +3,30 @@ variable "region" {
 }
 
 provider "google" {
-  region      = "${var.region}"
+  region = "${var.region}"
 }
 
 provider "google-beta" {
-  region      = "${var.region}"
+  region = "${var.region}"
 }
 
 module "tfe-beta" {
-  source = "hashicorp/tfe-ha/google"
-  version = "0.0.1"
-  creds = "auth-file-123456678.json"
-  region = "${var.region}"
-  zone = "${var.region}-a"
-  project = "tfe-beta"
-  domain = "example.com"
-  dnszone = "example"
-  publicip = "1.2.3.4"
-  cert = "https://www.googleapis.com/compute/v1/project/terraform-test/global/sslCertificates/tfe"
-  sslpolicy = "tfe-ssl-policy"
-  subnet = "tfe-subnet"
-  frontenddns = "tfe-beta"
+  source           = "hashicorp/tfe-ha/google"
+  version          = "0.0.1-beta"
+  credentials_file = "auth-file-123456678.json"
+  region           = "${var.region}"
+  zone             = "${var.region}-a"
+  project          = "tfe-beta"
+  domain           = "example.com"
+  dns_zone         = "example"
+  public_ip        = "1.2.3.4"
+  certificate      = "https://www.googleapis.com/compute/v1/project/terraform-test/global/sslCertificates/tfe"
+  ssl_policy       = "tfe-ssl-policy"
+  subnet           = "tfe-subnet"
+  frontend_dns     = "tfe-beta"
 
-  primary_count = "1"
-  worker_count  = "0"
+  primary_count   = "1"
+  secondary_count = "0"
 
   license_file = "customer.rli"
-}
+}

module-instance-template.tf

@@ -4,12 +4,13 @@ module "instance-template" {
   secondary_machine_type = "${local.rendered_secondary_machine_type}"
 
   ptfe_subnet            = "${var.subnet}"
-  cluster_endpoint       = "${var.primaryhostname}-0"
+  cluster_endpoint       = "${var.primary_hostname}-0"
   bootstrap_token_id     = "${random_string.bootstrap_token_id.result}"
   bootstrap_token_suffix = "${random_string.bootstrap_token_suffix.result}"
   setup_token            = "${random_string.setup_token.result}"
   image_family           = "${var.image_family}"
   install_type           = "${var.install_type}"
   repl_data              = "${base64encode("${random_pet.console_password.id}")}"
   release_sequence       = "${var.release_sequence}"
+  boot_disk_size         = "${var.boot_disk_size}"
 }

module-lb.tf

@@ -1,10 +1,10 @@
 module "lb" {
-  source   = "./modules/lb"
-  domain   = "${var.domain}"
-  publicIP = "${var.publicip}"
-  cert     = "${var.cert}"
-  sslpolicy = "${var.sslpolicy}"
+  source            = "./modules/lb"
+  domain            = "${var.domain}"
+  publicIP          = "${var.public_ip}"
+  cert              = "${var.certificate}"
+  sslpolicy         = "${var.ssl_policy}"
   primary_instances = "${google_compute_instance.primary.*.self_link}"
-  instance_group = "${google_compute_instance_group.primaries.self_link}"
-  frontenddns = "${var.frontenddns}"
+  instance_group    = "${google_compute_instance_group.primaries.self_link}"
+  frontenddns       = "${var.frontend_dns}"
 }

modules/instance-template/README.md

@@ -0,0 +1,24 @@
+# Terraform Enterprise: High Availability - Instance Template Submodule
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| bootstrap\_token\_id | bootstrap token id | string | n/a | yes |
+| bootstrap\_token\_suffix | bootstrap token suffix | string | n/a | yes |
+| cluster\_endpoint | the cluster endpoint | string | n/a | yes |
+| image\_family | image family | string | n/a | yes |
+| install\_type | type of install - poc or production | string | n/a | yes |
+| ptfe\_subnet | subnet to deploy into | string | n/a | yes |
+| region | The region to install into. | string | n/a | yes |
+| release\_sequence | Replicated release sequence | string | n/a | yes |
+| repl\_data | console | string | n/a | yes |
+| secondary\_machine\_type | Type of machine to use | string | n/a | yes |
+| setup\_token | setup token | string | n/a | yes |
+| boot\_disk\_size | The size of the boot disk to use for the instances | string | `"40"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| secondary\_template |  |

modules/instance-template/secondary.tf

@@ -1,14 +1,14 @@
 resource "google_compute_instance_template" "secondary" {
-  name_prefix  = "ptfe-secondary-template-"
-  machine_type = "${var.secondary_machine_type}"
-  region       = "${var.region}"
+  name_prefix    = "ptfe-secondary-template-"
+  machine_type   = "${var.secondary_machine_type}"
+  region         = "${var.region}"
   can_ip_forward = true
 
   disk {
     source_image = "${var.image_family}"
     auto_delete  = true
     boot         = true
-    disk_size_gb = "40"
+    disk_size_gb = "${var.boot_disk_size}"
     disk_type    = "pd-ssd"
   }
 
@@ -37,6 +37,5 @@ resource "google_compute_instance_template" "secondary" {
     repl-data            = "${var.repl_data}"
     release-sequence     = "${var.release_sequence}"
   }
-
   metadata_startup_script = "${file("${path.module}/../../files/install-ptfe.sh")}"
 }

modules/instance-template/variables.tf

@@ -42,6 +42,12 @@ variable "image_family" {
   description = "image family"
 }
 
+variable "boot_disk_size" {
+  type        = "string"
+  description = "The size of the boot disk to use for the instances"
+  default     = 40
+}
+
 variable "install_type" {
   type        = "string"
   description = "type of install - poc or production"
@@ -55,4 +61,4 @@ variable "repl_data" {
 variable "release_sequence" {
   type        = "string"
   description = "Replicated release sequence"
-}
+}

modules/lb/README.md

@@ -0,0 +1,19 @@
+# Terraform Enterprise: High Availability - Load Balancer Submodule
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|:----:|:-----:|:-----:|
+| cert | certificate for the load balancer | string | n/a | yes |
+| domain | domain | string | n/a | yes |
+| frontenddns | front end url name | string | n/a | yes |
+| instance\_group | primary instance group | string | n/a | yes |
+| primary\_instances | primary instances | list | n/a | yes |
+| publicIP | External-facing IP address for PTFE application | string | n/a | yes |
+| sslpolicy | SSL policy for the cert | string | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| cluster\_endpoint |  |

modules/lb/forwarding_rule.tf

@@ -12,5 +12,6 @@ resource "google_compute_target_https_proxy" "ptfe" {
   url_map          = "${google_compute_url_map.ptfe.self_link}"
   ssl_certificates = ["${var.cert}"]
   ssl_policy       = "${var.sslpolicy}"
+
   #ssl_certificates = ["${file("${path.module}/${var.cert})"]
 }

outputs.tf

@@ -1,28 +1,24 @@
-output "installer_dashboard_url" {
-  value = "https://${google_compute_instance.primary.0.network_interface.0.access_config.0.nat_ip}:8800"
-  description = "URL to access the Installer Dashboard."
+output "application_endpoint" {
+  value       = "https://${var.frontend_dns}.${substr(data.google_dns_managed_zone.dnszone.dns_name, 0, length(data.google_dns_managed_zone.dnszone.dns_name) - 1)}"
+  description = "The URI to access the Terraform Enterprise Application."
 }
 
-output "installer_dashboard_password" {
-  value = "${random_pet.console_password.id}"
-  description = "Password for the Installer Dashboard."
+output "application_health_check" {
+  value       = "https://${var.frontend_dns}.${substr(data.google_dns_managed_zone.dnszone.dns_name, 0, length(data.google_dns_managed_zone.dnszone.dns_name) - 1)}/_health_check"
+  description = "The URI for the Terraform Enterprise Application health check."
 }
 
-/*output "replicated_console_url" {
-  value = "https://${var.frontenddns}.${substr(data.google_dns_managed_zone.dnszone.dns_name, 0, length(data.google_dns_managed_zone.dnszone.dns_name) - 1)}/dashboard"
-}*/
-
-output "primary_public_ip" {
-  value = "${var.publicip}"
-  description = "Front end IP for the load balancer."
+output "installer_dashboard_password" {
+  value       = "${random_pet.console_password.id}"
+  description = "The password to access the installer dashboard."
 }
 
-output "tfe_endpoint" {
-  value = "https://${var.frontenddns}.${substr(data.google_dns_managed_zone.dnszone.dns_name, 0, length(data.google_dns_managed_zone.dnszone.dns_name) - 1)}"
-  description = "Application URL"
+output "installer_dashboard_url" {
+  value       = "https://${google_compute_instance.primary.0.network_interface.0.access_config.0.nat_ip}:8800"
+  description = "The URL to access the installer dashboard."
 }
 
-output "tfe_health_check" {
-  value = "https://${var.frontenddns}.${substr(data.google_dns_managed_zone.dnszone.dns_name, 0, length(data.google_dns_managed_zone.dnszone.dns_name) - 1)}/_health_check"
-  description = "Health Check URL"
-}
+output "primary_public_ip" {
+  value       = "${var.public_ip}"
+  description = "The Public IP for the load balancer to use."
+}