Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/src/infra.gentoo.org/rsync.tf
blob: 2e278acf2958d02dbd7ee86f1b325f8d6d7adba4 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

resource "google_compute_instance_template" "rsync-node-template" {
  name        = "rsync-node-template"
  description = "This template is used to create rsync node instances."

  tags = ["rsync"]

  labels = {
		container-vm = "cos-stable-71-11151-60-0"
    environment = "prod"
  }

  instance_description = "rsync node"
  machine_type         = "n1-standard-1"
  can_ip_forward       = false

  scheduling {
    automatic_restart   = true
    on_host_maintenance = "MIGRATE"
  }

  disk {
    source_image = "projects/cos-cloud/global/images/cos-stable-71-11151-60-0"
    auto_delete  = true
    boot         = true
  }

  network_interface {
    network = "default"
		access_config {
			network_tier = "STANDARD"
		}
	}

  metadata {
		google-logging-enabled = "true"
		gce-container-declaration = "spec:\n  containers:\n    - name: rsync-4\n      image: us.gcr.io/gentoo-infra-dev/rsync-node:prod\n      securityContext:\n        privileged: true\n      stdin: false\n      tty: false\n  restartPolicy: Always\n\n# This container declaration format is not public API and may change without notice. Please\n# use gcloud command-line tool or Google Cloud Console to run Containers on Google Compute Engine."
  }

  service_account {
		scopes = [
          "https://www.googleapis.com/auth/devstorage.read_only",
          "https://www.googleapis.com/auth/logging.write",
          "https://www.googleapis.com/auth/monitoring.write",
          "https://www.googleapis.com/auth/servicecontrol",
          "https://www.googleapis.com/auth/service.management.readonly",
          "https://www.googleapis.com/auth/trace.append"
	  ]
  }
}

resource "google_compute_region_instance_group_manager" "rsync-node-mig" {
  name = "rsync-node-mig"

  base_instance_name = "rsync-node"
  instance_template  = "${google_compute_instance_template.rsync-node-template.self_link}"
  update_strategy    = "NONE"
  region             = "us-central1"
  target_size  = 1
}

resource "google_compute_region_autoscaler" "rsync-autoscaler" {
	name = "rsync-autoscaler"
	target = "${google_compute_region_instance_group_manager.rsync-node-mig.self_link}"
	autoscaling_policy {
		min_replicas = 1
		max_replicas = 3
		cooldown_period = 60
		cpu_utilization {
			target = 0.90
		}
	}
}

resource "google_compute_firewall" "rsync-in" {
	name = "rsync-in"
	allow {
		protocol = "tcp"
		ports = ["873"]
	}
	target_tags = ["rsync"]
}