diff --git a/jupyter/terraform-dependencies/main.tf b/jupyter/terraform-dependencies/main.tf new file mode 100644 index 00000000..b95a03d2 --- /dev/null +++ b/jupyter/terraform-dependencies/main.tf @@ -0,0 +1,37 @@ + +data "google_client_config" "default" {} + +data "google_container_cluster" "testbed_cluster" { + name = var.cluster_name + location = var.project_region +} + +data "kustomization_build" "training-operator" { + path = "github.com/kubeflow/manifests.git/apps/training-operator/upstream/overlays/standalone?ref=${var.kubeflow_version}" +} + + +resource "kustomization_resource" "training-operator" { + for_each = data.kustomization_build.training-operator.ids + manifest = data.kustomization_build.training-operator.manifests[each.value] +} + +# Create NFS resource +resource "helm_release" "nfs_client_provisioner" { + name = var.nfs_provider_information.release_name + repository = var.nfs_provisioner_repo_url + chart = var.nfs_provider_information.chart_name + + namespace = var.nfs_provider_information.namespace + create_namespace = true + + values = [ + templatefile("${path.module}/values.nfs.yaml.tpl", { + nfs_server_path = var.nfs_provider_information.server_path + image_repository = var.nfs_provider_information.image_repository + image_tag = var.nfs_provider_information.image_tag + image_policy = var.nfs_provider_information.pull_policy + nfs_size = var.nfs_provider_information.storage_size + }) + ] +} diff --git a/jupyter/terraform-kubeflow/providers.tf b/jupyter/terraform-dependencies/providers.tf similarity index 75% rename from jupyter/terraform-kubeflow/providers.tf rename to jupyter/terraform-dependencies/providers.tf index ccba76bb..eebaa3bf 100644 --- a/jupyter/terraform-kubeflow/providers.tf +++ b/jupyter/terraform-dependencies/providers.tf @@ -39,3 +39,14 @@ provider "kubernetes" { data.google_container_cluster.fltk_cluster.master_auth[0].cluster_ca_certificate, ) } + + +provider "helm" { + kubernetes { + host = "https://${data.google_container_cluster.testbed_cluster.endpoint}" + token = data.google_client_config.provider.access_token # Provided by Google data object + cluster_ca_certificate = base64decode( + data.google_container_cluster.fltk_cluster.master_auth[0].cluster_ca_certificate, + ) + } +} \ No newline at end of file diff --git a/jupyter/terraform-dependencies/values.nfs.yaml.tpl b/jupyter/terraform-dependencies/values.nfs.yaml.tpl new file mode 100644 index 00000000..4ff2feac --- /dev/null +++ b/jupyter/terraform-dependencies/values.nfs.yaml.tpl @@ -0,0 +1,98 @@ + Default values for nfs-provisioner. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +# imagePullSecrets: + +image: + repository: ${image_repository} + tag: ${image_tag} + pullPolicy: ${pull_policy} + +# For a list of available arguments +# Please see https://github.com/kubernetes-incubator/external-storage/blob/master/nfs/docs/deployment.md#arguments +extraArgs: {} + # device-based-fsids: false + +service: + type: ClusterIP + + nfsPort: 2049 + nlockmgrPort: 32803 + mountdPort: 20048 + rquotadPort: 875 + rpcbindPort: 111 + statdPort: 662 + # nfsNodePort: + # nlockmgrNodePort: + # mountdNodePort: + # rquotadNodePort: + # rpcbindNodePort: + # statdNodePort: + + externalIPs: [] + +persistence: + enabled: true + + ## Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: "default" + + accessMode: ReadWriteOnce + size: ${nfs_size} + +## For creating the StorageClass automatically: +storageClass: + create: true + + ## Set a provisioner name. If unset, a name will be generated. + # provisionerName: + + ## Set StorageClass as the default StorageClass + ## Ignored if storageClass.create is false + defaultClass: false + + ## Set a StorageClass name + ## Ignored if storageClass.create is false + name: nfs + + # set to null to prevent expansion + allowVolumeExpansion: true + ## StorageClass parameters + parameters: {} + + mountOptions: + - vers=3 + + ## ReclaimPolicy field of the class, which can be either Delete or Retain + reclaimPolicy: Delete + +## For RBAC support: +rbac: + create: true + + ## Ignored if rbac.create is true + ## + serviceAccountName: default + +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} \ No newline at end of file diff --git a/jupyter/terraform-dependencies/variables.tf b/jupyter/terraform-dependencies/variables.tf new file mode 100644 index 00000000..a7ab5c31 --- /dev/null +++ b/jupyter/terraform-dependencies/variables.tf @@ -0,0 +1,68 @@ +variable "kubernetes_config_path" { + description = "Path of Kubernetes configuration file (change for non-default kubectl setup)" + default = "~/.kube/config" +} + +variable "project_id" { + type = string + default = "qpecs-fltk-2022" + description = "Google Cloud project name to create cluster in." +} + +variable "cluster_name" { + type = string + default = "fltk-testbed-cluster" + description = "Name of the GKE cluster to be deployed in project ." +} + +variable "project_region" { + type = string + default = "us-central1" + description = "GKE region to deploy cluster in." +} + +variable "description" { + type = string + default = "Managed by terraform FLTK testbed deployment" +} + +variable "account_id" { + type = string + description = "The service account Identifier to be used to interact with Google cloud." + default = "terraform-iam-service-account" +} + +variable "kubeflow_version" { + type = string + description = "Kubeflow (training operator) to install." + default = "v1.5.0" +} + +variable "nfs_provider_information" { + type = object({ + release_name = string + chart_name = string + namespace = string + server_path = string + image_repository = string + image_tag = string + pull_policy = string + storage_size = string + }) + default = { + release_name = "nfs-client-provisioner" + chart_name = "nfs-client-provisioner" + namespace = "test" + server_path = "/mnt/kubernetes" + image_repository = "quay.io/external_storage/nfs-client-provisioner" + image_tag = "v3.1.0-k8s1.11" + pull_policy = "IfNotPresent" + storage_size = "50" + } +} + +variable "nfs_provisioner_repo_url" { + description = "Repository URL to locate the utilized helm charts" + type = string + default = "https://kvaps.github.io/charts" +} diff --git a/jupyter/terraform-kubeflow/versions.tf b/jupyter/terraform-dependencies/versions.tf similarity index 78% rename from jupyter/terraform-kubeflow/versions.tf rename to jupyter/terraform-dependencies/versions.tf index 6b9a7c6e..461b4e6e 100644 --- a/jupyter/terraform-kubeflow/versions.tf +++ b/jupyter/terraform-dependencies/versions.tf @@ -14,6 +14,11 @@ terraform { source = "hashicorp/kubernetes" version = ">= 1.13.1" } + + helm = { + source = "hashicorp/helm" + version = "" + } } required_version = "~> 1.1" } diff --git a/jupyter/terraform-gke/gke_cluster.tf b/jupyter/terraform-gke/main.tf similarity index 100% rename from jupyter/terraform-gke/gke_cluster.tf rename to jupyter/terraform-gke/main.tf diff --git a/jupyter/terraform-gke/variables.tf b/jupyter/terraform-gke/variables.tf index 8f5eaead..3d2c8c29 100644 --- a/jupyter/terraform-gke/variables.tf +++ b/jupyter/terraform-gke/variables.tf @@ -12,7 +12,7 @@ variable "project_id" { variable "cluster_name" { type = string - default = "freddie-testbed-cluster" + default = "fltk-testbed-cluster" description = "Name of the GKE cluster to be deployed in project ." } diff --git a/jupyter/terraform-kubeflow/main.tf b/jupyter/terraform-kubeflow/main.tf deleted file mode 100644 index 25b0d516..00000000 --- a/jupyter/terraform-kubeflow/main.tf +++ /dev/null @@ -1,18 +0,0 @@ - -data "google_client_config" "default" {} - -data "google_container_cluster" "testbed_cluster" { - name = var.cluster_name - location = var.project_region -} - -data "kustomization_build" "training-operator" { - path = "github.com/kubeflow/manifests.git/apps/training-operator/upstream/overlays/standalone?ref=${var.kubeflow_version}" -} - - - -resource "kustomization_resource" "training-operator" { - for_each = data.kustomization_build.training-operator.ids - manifest = data.kustomization_build.training-operator.manifests[each.value] -} diff --git a/jupyter/terraform-kubeflow/variables.tf b/jupyter/terraform-kubeflow/variables.tf deleted file mode 100644 index a36f35f6..00000000 --- a/jupyter/terraform-kubeflow/variables.tf +++ /dev/null @@ -1,45 +0,0 @@ -variable "kubernetes_config_path" { - description = "Path of Kubernetes configuration file" - default = "~/.kube/config" -} - -variable "project_id" { - type = string - default = "qpecs-fltk-2022" - description = "Google Cloud project name to create cluster in." -} - -variable "cluster_name" { - type = string - default = "freddie-testbed-cluster" - description = "Name of the GKE cluster to be deployed in project ." -} - -variable "project_region" { - type = string - default = "us-central1" - description = "GKE region to deploy cluster in." -} - -variable "description" { - type = string - default = "Managed by terraform FLTK testbed deployment" -} - -variable "account_id" { - type = string - description = "The service account Identifier to be used to interact with Google cloud." - default = "terraform-iam-service-account" -} - -variable "complete" { - type = bool - description = "Whether or not to fully install kubeflow, or only training operators." - default = false -} - -variable "kubeflow_version" { - type = string - description = "Kubeflow (training operator) to install." - default = "v1.5.0" -} diff --git a/jupyter/terraform_notebook.ipynb b/jupyter/terraform_notebook.ipynb index e6b32e8a..f600e2ef 100644 --- a/jupyter/terraform_notebook.ipynb +++ b/jupyter/terraform_notebook.ipynb @@ -2,91 +2,97 @@ "cells": [ { "cell_type": "markdown", + "source": [ + "# Pre-requisites\n", + "\n", + "Before we get started, first make sure to install all the required tools. We provide two lists below, one needed for setting up the testbed. And one for developing code to use with the testbed. Feel free to skip the installation of the second list, and return in a later point in time.\n", + "\n", + "Make sure to install a recent version of each of the dependencies.\n", + "\n", + " * GCloud SDK\n", + " - Follow the installation instructions [here](https://cloud.google.com/sdk/docs/install)\n", + " - Intialize the SDK with `gcloud init`\n", + " - ⚠️ Run the command `gcloud auth application-default login`\n", + " - ℹ️ We need to run this command in order to utilize your login credentials programmatically with terraform. This is needed as we will use these to impersonate a service account during the creation and setup of the Kubernetes cluster.\n", + " - ⚠️ Run the command `gcloud components install beta`\n", + " - ℹ️ We need to run this command to list the billing account ID's and enable billing. Currently, these features fall under beta access.\n", + " * Kubectl\n", + " * Helm\n", + " * Terraform\n", + " * Python3.9\n", + " * Jupyter\n", + " ```bash\n", + " pip3 install jupyter\n", + " ```\n", + " * bash_kernel\n", + " ```bash\n", + " pip3 install bash_kernel\n", + " python3 -m bash_kernel.install\n", + " ```\n", + "\n", + "For development, the following tools are needed/recommended:\n", + "\n", + " * Docker (>= 18.09).\n", + " - If you don't have experience with using Docker, we recommend following [this](https://docs.docker.com/get-started/) tutorial.\n", + " * Python3.9\n", + " * pip3\n", + " * JetBrains PyCharm\n" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "markdown", + "source": [ + "# Preparation\n", + "\n", + "To make sure we can request resources on Google Cloud Platform (GCP), perform the following;\n", + "\n", + "1. Create a GCP account on [https://cloud.google.com](https://cloud.google.com), using a Google account\n", + "2. Redeem your academic coupon on GCP, see Brightspace for information on obtaining the $\\$50 academic coupon, or use the free $\\$300 credits for new users provided by Google." + ], "metadata": { + "collapsed": false, "pycharm": { "name": "#%% md\n" } }, + "outputs": [] + }, + { + "cell_type": "markdown", "source": [ - "# Pre-requisits\n", + "# Deployment\n", + "\n", + "## Getting started\n", "\n", - "First make sure that all the dependencies are available\n" - ] + "First we will set a few variables. If you change any of these, make sure to change the corresponding variables as well in;\n", + "\n", + "* [`terraform-gke/variables.tf`](terraform-gke/variables.tf)\n", + "* [`terraform-dependencies/variables.tf`](terraform-dependencies/variables.tf)\n", + "\n" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } }, { "cell_type": "code", - "execution_count": 1, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Running `brew update --auto-update`...\n", - "\u001B[34m==>\u001B[0m \u001B[1mAuto-updated Homebrew!\u001B[0m\n", - "Updated 3 taps (homebrew/core, homebrew/cask and homebrew/services).\n", - "\u001B[34m==>\u001B[0m \u001B[1mNew Formulae\u001B[0m\n", - "burst ripsecrets\n", - "purescript-language-server swiftdraw\n", - "rdb\n", - "\u001B[34m==>\u001B[0m \u001B[1mNew Casks\u001B[0m\n", - "decentr filen fresh goxel\n", - "\n", - "You have \u001B[1m6\u001B[0m outdated formulae and \u001B[1m1\u001B[0m outdated cask installed.\n", - "You can upgrade them with \u001B[1mbrew upgrade\u001B[0m\n", - "or list them with \u001B[1mbrew outdated\u001B[0m.\n", - "\n", - "\u001B[33mWarning:\u001B[0m terraform 1.2.7 is already installed and up-to-date.\n", - "To reinstall 1.2.7, run:\n", - " brew reinstall terraform\n", - "\u001B[33mWarning:\u001B[0m helm 3.9.3 is already installed and up-to-date.\n", - "To reinstall 3.9.3, run:\n", - " brew reinstall helm\n", - "kubernetes-cli 1.24.3 is already installed but outdated (so it will be upgraded).\n", - "\u001B[33mWarning:\u001B[0m git 2.37.2 is already installed and up-to-date.\n", - "To reinstall 2.37.2, run:\n", - " brew reinstall git\n", - "\u001B[34m==>\u001B[0m \u001B[1mDownloading https://ghcr.io/v2/homebrew/core/kubernetes-cli/manifests/1.24.4\u001B[0m\n", - "######################################################################## 100.0%\n", - "\u001B[34m==>\u001B[0m \u001B[1mDownloading https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:0ec\u001B[0m\n", - "\u001B[34m==>\u001B[0m \u001B[1mDownloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sh\u001B[0m\n", - "######################################################################## 100.0%\n", - "\u001B[32m==>\u001B[0m \u001B[1mUpgrading \u001B[32mkubectl\u001B[39m\n", - " 1.24.3 -> 1.24.4 \n", - "\u001B[0m\n", - "\u001B[34m==>\u001B[0m \u001B[1mPouring kubernetes-cli--1.24.4.monterey.bottle.tar.gz\u001B[0m\n", - "\u001B[34m==>\u001B[0m \u001B[1mCaveats\u001B[0m\n", - "zsh completions have been installed to:\n", - " /usr/local/share/zsh/site-functions\n", - "\u001B[34m==>\u001B[0m \u001B[1mSummary\u001B[0m\n", - "🍺 /usr/local/Cellar/kubernetes-cli/1.24.4: 228 files, 56.7MB\n", - "\u001B[34m==>\u001B[0m \u001B[1mRunning `brew cleanup kubernetes-cli`...\u001B[0m\n", - "Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.\n", - "Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).\n", - "Removing: /usr/local/Cellar/kubernetes-cli/1.24.3... (228 files, 56.4MB)\n", - "Removing: /Users/jeroen/Library/Caches/Homebrew/kubernetes-cli--1.24.3... (15.9MB)\n", - "ERROR: (gcloud.components.install) unrecognized arguments: -y \n", - "\n", - "To search the help text of gcloud commands, run:\n", - " gcloud help -- SEARCH_TERMS\n", - "Error executing CLI: 1 error occurred:\n", - "\t* already installed in /Users/jeroen/.zshrc\n", - "\n", - "\n" - ] - }, - { - "ename": "", - "evalue": "1", - "output_type": "error", - "traceback": [] - } - ], + "execution_count": null, + "outputs": [], "source": [ - "# brew cask install google-cloud-sdk helm kubectl git\n", - "brew install terraform helm kubectl git\n", - "gcloud components install gke-gcloud-auth-plugin -y\n", - "\n", - "terraform -install-autocomplete" + "ACCOUNT_ID=\"terraform-iam-service-account\"\n", + "PROJECT_ID=\"qpecs-fltk-2022\"\n", + "PRIVILEGED_ACCOUNT_ID=\"${ACCOUNT_ID}@${PROJECT_ID}.iam.gserviceaccount.com\"\n", + "CLUSTER_NAME=\"fltk-testbed-cluster\"\n", + "REGION=\"us-central1\"" ], "metadata": { "collapsed": false, @@ -98,44 +104,22 @@ { "cell_type": "markdown", "source": [ - "Continue by adding the required terraform repositoreis\n", + "## Project creation\n", "\n", - "Setup project with gcloud, this project ID is EXTREMELEY IMPORANT for the rest of the tutorial. Make sure to update the value (if YOU CHOOSE to change it\n", - "to something, as well in the variables.tf file).\n" + "Next, we create a project using the `PROJECT_ID` variable, and get all the billing account information." ], "metadata": { "collapsed": false, "pycharm": { "name": "#%% md\n" } - }, - "outputs": [] + } }, { "cell_type": "code", - "execution_count": 4, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "ERROR: (gcloud.projects.create) Project creation failed. The project ID you specified is already in use by another project. Please try an alternative ID.\n", - "ACCOUNT_ID NAME OPEN MASTER_ACCOUNT_ID\n", - "010CFE-95784F-3A6A83 Billing Account for Education False\n", - "011C4F-1F8FD5-BDEDDD Billing Account for Education False\n", - "015594-41687F-092941 Billing Account for Education True\n", - "01610A-173A5E-0FC84C Billing Account for Education False\n", - "019AAC-7C541E-616936 Billing Account for Education False\n" - ] - } - ], + "execution_count": null, + "outputs": [], "source": [ - "ACCOUNT_ID=\"terraform-iam-service-account\"\n", - "PROJECT_ID=\"qpecs-fltk-2022\"\n", - "PRIVILEGED_ACCOUNT_ID=\"${ACCOUNT_ID}@${PROJECT_ID}.iam.gserviceaccount.com\"\n", - "CLUSTER_NAME=\"freddie-testbed-cluster\"\n", - "REGION=\"us-central1\"\n", - "\n", "gcloud projects create $PROJECT_ID --set-as-default\n", "gcloud beta billing accounts list # Copy the Account ID of the account" ], @@ -147,19 +131,23 @@ } }, { - "cell_type": "code", - "execution_count": 2, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "terraform-iam-service-account@terraform-iam-service-account.iam.gserviceaccount.com\n" - ] - } + "cell_type": "markdown", + "source": [ + "Copy the billing account identifier, e.g. `015594-41687F-092941`, and assign to the variable in the cell below" ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], "source": [ - "echo $PRIVILEGED_ACCOUNT_ID" + "BILLING_ACCOUNT=\"015594-41687F-092941\"" ], "metadata": { "collapsed": false, @@ -171,7 +159,7 @@ { "cell_type": "markdown", "source": [ - "Setup billing and enable services create service account. This way we don't have to create key files." + "Setup billing and enable services, this will allow us to create a GKE cluster (Google managed Kubernetes cluster), and push and pull containers to our private container repo." ], "metadata": { "collapsed": false, @@ -198,7 +186,7 @@ ], "source": [ "# Setup billing to project\n", - "gcloud beta billing projects link $PROJECT_ID --billing-account 015594-41687F-092941\n", + "gcloud beta billing projects link $PROJECT_ID --billing-account $BILLING_ACCOUNT\n", "# Enable services now billing is enabled\n", "gcloud services enable compute container --project $PROJECT_ID" ], @@ -212,7 +200,12 @@ { "cell_type": "markdown", "source": [ - "Create service account that has the minimum set of permissions for creating and managing a cluster." + "## Creating a service-account\n", + "\n", + "Create service account that has the minimum set of permissions for creating and managing a cluster. This service account\n", + "will be used to create the cluster, and deploy the dependencies that we use.\n", + "\n", + "During the deployment we will make use of impersonation, to let *your* account utilize the service-account. For more information about this practise, see also [this](https://cloud.google.com/blog/topics/developers-practitioners/using-google-cloud-service-account-impersonation-your-terraform-code) blog by Google." ], "metadata": { "collapsed": false, @@ -529,14 +522,16 @@ ], "source": [ "function enable_gcp_role () {\n", - " gcloud projects add-iam-policy-binding \\\n", + " gcloud projects add-iam-policy-binding \\\n", " $PROJECT_ID \\\n", " --member=\"serviceAccount:$PRIVILEGED_ACCOUNT_ID\" \\\n", " --role=\"roles/$1\"\n", "}\n", "\n", + "# Create service-account\n", "gcloud iam service-accounts create $ACCOUNT_ID --display-name=\"Terraform service account\" --project ${PROJECT_ID}\n", "\n", + "# Allow the service account to use the the set of roles below.\n", "enable_gcp_role \"compute.viewer\"\n", "enable_gcp_role \"compute.securityAdmin\"\n", "enable_gcp_role \"container.clusterViewer\"\n", @@ -556,8 +551,8 @@ { "cell_type": "markdown", "source": [ - "Now we enable impersonalisation, to allow the main account of the project to make use of the service account. Thereby reducing\n", - "potential security issues\n", + "## Enable impersonation\n", + "With the service account created, we must enable impersonation, to allow the main account of the project to make use of the service account. For more information see also the [`add-iam-policy-binding`](https://cloud.google.com/sdk/gcloud/reference/iam/service-accounts/add-iam-policy-binding) reference.\n", "\n", "Assign your `google_account` mail to the `OWNER_MAIL` variable, and run the command box below." ], @@ -569,664 +564,82 @@ } }, { - "cell_type": "code", - "execution_count": 6, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Updated IAM policy for serviceAccount [terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com].\n", - "bindings:\n", - "- members:\n", - " - user:jargsnork@gmail.com\n", - " role: roles/iam.serviceAccountTokenCreator\n", - "etag: BwXm1QDSgg0=\n", - "version: 1\n" - ] - } - ], - "source": [ - "OWNER_MAIL=\"jargsnork@gmail.com\"\n", - "gcloud iam service-accounts add-iam-policy-binding $PRIVILEGED_ACCOUNT_ID \\\n", - " --member=\"user:$OWNER_MAIL\" \\\n", - " --role=roles/iam.serviceAccountTokenCreator \\\n", - " --project $PROJECT_ID\n", - "\n", - "# By default we can now use impersionation with the service account. Additionally you can add users to interact with the\n", - "# service account.\n", - "# gcloud iam service-accounts add-iam-policy-binding \\\n", - "# $PRIVILEGED_ACCOUNT_MAIL \\\n", - "# --member='user:example.user.goes.here@.com' --role='roles/editor'\n" - ], - "metadata": { - "collapsed": false, - "pycharm": { - "name": "#%%\n" - } - } - }, - { - "cell_type": "code", - "execution_count": 7, - "outputs": [], - "source": [ - "cd terraform-gke" - ], - "metadata": { - "collapsed": false, - "pycharm": { - "name": "#%%\n" - } - } - }, - { - "cell_type": "code", - "execution_count": 8, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "/Users/jeroen/fltk-project/fltk-testbed/jupyter/terraform-gke\n" - ] - } - ], - "source": [ - "echo $PWD" - ], - "metadata": { - "collapsed": false, - "pycharm": { - "name": "#%%\n" - } - } - }, - { - "cell_type": "code", - "execution_count": 9, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "\u001B[0m\u001B[1mInitializing modules...\u001B[0m\n", - "\n", - "\u001B[0m\u001B[1mInitializing the backend...\u001B[0m\n", - "\n", - "\u001B[0m\u001B[1mInitializing provider plugins...\u001B[0m\n", - "- Reusing previous version of hashicorp/google from the dependency lock file\n", - "- Reusing previous version of hashicorp/kubernetes from the dependency lock file\n", - "- Reusing previous version of hashicorp/google-beta from the dependency lock file\n", - "- Reusing previous version of hashicorp/random from the dependency lock file\n", - "- Using previously-installed hashicorp/google v4.32.0\n", - "- Using previously-installed hashicorp/kubernetes v2.12.1\n", - "- Using previously-installed hashicorp/google-beta v4.32.0\n", - "- Using previously-installed hashicorp/random v3.3.2\n", - "\n", - "\u001B[0m\u001B[1m\u001B[32mTerraform has been successfully initialized!\u001B[0m\u001B[32m\u001B[0m\n", - "\u001B[0m\u001B[32m\n", - "You may now begin working with Terraform. Try running \"terraform plan\" to see\n", - "any changes that are required for your infrastructure. All Terraform commands\n", - "should now work.\n", - "\n", - "If you ever set or change modules or backend configuration for Terraform,\n", - "rerun this command to reinitialize your working directory. If you forget, other\n", - "commands will detect it and remind you to do so if necessary.\u001B[0m\n" - ] - } - ], - "source": [ - "terraform init -reconfigure" - ], - "metadata": { - "collapsed": false, - "pycharm": { - "name": "#%%\n" - } - } - }, - { - "cell_type": "code", - "execution_count": 12, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "\u001B[0m\u001B[1mdata.google_service_account_access_token.default: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mdata.google_service_account_access_token.default: Read complete after 0s [id=projects/-/serviceAccounts/terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com]\u001B[0m\n", - "\u001B[0m\u001B[1mdata.google_client_config.default: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mdata.google_client_config.default: Read complete after 0s [id=projects/qpecs-fltk-2022/regions//zones/]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_compute_zones.available: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Read complete after 0s [id=2022-08-22 14:12:19.966472 +0000 UTC]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_compute_zones.available: Read complete after 0s [id=projects/qpecs-fltk-2022/regions/us-central1]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.zone: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.zone: Read complete after 0s [id=2022-08-22 14:12:20.347245 +0000 UTC]\u001B[0m\n", - "\n", - "Terraform used the selected providers to generate the following execution plan.\n", - "Resource actions are indicated with the following symbols:\n", - " \u001B[32m+\u001B[0m create\n", - " \u001B[36m<=\u001B[0m read (data resources)\n", - "\u001B[0m\n", - "Terraform will perform the following actions:\n", - "\n", - "\u001B[1m # data.google_compute_subnetwork.subnetwork\u001B[0m will be read during apply\u001B[0m\n", - " # (depends on a resource or a module with changes pending)\u001B[0m\n", - "\u001B[0m \u001B[36m<=\u001B[0m\u001B[0m data \"google_compute_subnetwork\" \"subnetwork\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdescription\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mgateway_address\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mip_cidr_range\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"gcp-private-subnetwork\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnetwork\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mprivate_ip_google_access\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mregion\u001B[0m\u001B[0m = \"us-central1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0msecondary_ip_range\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mself_link\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - "\u001B[1m # module.gke.google_container_cluster.primary\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"google_container_cluster\" \"primary\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster_ipv4_cidr\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdatapath_provider\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdefault_max_pods_per_node\u001B[0m\u001B[0m = 110\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_binary_authorization\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_intranode_visibility\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_kubernetes_alpha\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_legacy_abac\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_shielded_nodes\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mendpoint\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlabel_fingerprint\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocation\u001B[0m\u001B[0m = \"us-central1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlogging_service\u001B[0m\u001B[0m = \"logging.googleapis.com/kubernetes\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmaster_version\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_master_version\u001B[0m\u001B[0m = \"1.21\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmonitoring_service\u001B[0m\u001B[0m = \"monitoring.googleapis.com/kubernetes\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnetwork\u001B[0m\u001B[0m = \"projects/qpecs-fltk-2022/global/networks/gcp-private-network\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnetworking_mode\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_locations\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-c\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_version\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moperation\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mprivate_ipv6_google_access\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mremove_default_node_pool\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mself_link\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservices_ipv4_cidr\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0msubnetwork\u001B[0m\u001B[0m = \"projects/qpecs-fltk-2022/regions/us-central1/subnetworks/gcp-private-subnetwork\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtpu_ipv4_cidr_block\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0maddons_config {\n", - " \u001B[32m+\u001B[0m \u001B[0mcloudrun_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisabled\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mload_balancer_type\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mdns_cache_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mgce_persistent_disk_csi_driver_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mgcp_filestore_csi_driver_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mhorizontal_pod_autoscaling {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisabled\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mhttp_load_balancing {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisabled\u001B[0m\u001B[0m = true\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnetwork_policy_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisabled\u001B[0m\u001B[0m = true\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mauthenticator_groups_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0msecurity_group\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mcluster_autoscaling {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = false\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mauto_provisioning_defaults {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mboot_disk_kms_key\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mimage_type\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moauth_scopes\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservice_account\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mconfidential_nodes {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mdatabase_encryption {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mstate\u001B[0m\u001B[0m = \"DECRYPTED\"\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mdefault_snat_status {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisabled\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mip_allocation_policy {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster_ipv4_cidr_block\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster_secondary_range_name\u001B[0m\u001B[0m = \"ip-range-pods\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservices_ipv4_cidr_block\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservices_secondary_range_name\u001B[0m\u001B[0m = \"ip-range-scv\"\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mlogging_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_components\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmaintenance_policy {\n", - " \u001B[32m+\u001B[0m \u001B[0mdaily_maintenance_window {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mduration\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mstart_time\u001B[0m\u001B[0m = \"05:00\"\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmaster_auth {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mclient_certificate\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mclient_key\u001B[0m\u001B[0m = (sensitive value)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster_ca_certificate\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mclient_certificate_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0missue_client_certificate\u001B[0m\u001B[0m = false\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmesh_certificates {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_certificates\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmonitoring_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_components\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnetwork_policy {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnode_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mboot_disk_kms_key\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_size_gb\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_type\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mguest_accelerator\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mimage_type\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlabels\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocal_ssd_count\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmachine_type\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmetadata\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_cpu_platform\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_group\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moauth_scopes\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mpreemptible\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservice_account\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mspot\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtags\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtaint\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mgcfs_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mgvnic {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mshielded_instance_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_integrity_monitoring\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_secure_boot\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mworkload_metadata_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmode\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnode_pool {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minitial_node_count\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minstance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmanaged_instance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_pods_per_node\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"default-pool\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname_prefix\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_count\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_locations\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mversion\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmanagement {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_repair\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_upgrade\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnode_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_size_gb\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_type\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mguest_accelerator\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mimage_type\u001B[0m\u001B[0m = \"COS_CONTAINERD\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlabels\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocal_ssd_count\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmachine_type\u001B[0m\u001B[0m = \"e2-medium\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmetadata\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_cpu_platform\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moauth_scopes\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mpreemptible\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservice_account\u001B[0m\u001B[0m = \"terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mspot\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtags\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster-default-pool\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"default-node-pool\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtaint\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mshielded_instance_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_integrity_monitoring\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_secure_boot\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mworkload_metadata_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmode\u001B[0m\u001B[0m = \"GKE_METADATA\"\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mupgrade_settings {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_surge\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_unavailable\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnotification_config {\n", - " \u001B[32m+\u001B[0m \u001B[0mpubsub {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtopic\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mrelease_channel {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mchannel\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mtimeouts {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcreate\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdelete\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mupdate\u001B[0m\u001B[0m = \"45m\"\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mvertical_pod_autoscaling {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menabled\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mworkload_identity_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mworkload_pool\u001B[0m\u001B[0m = \"qpecs-fltk-2022.svc.id.goog\"\n", - " }\n", - " }\n", - "\n", - "\u001B[1m # module.gke.google_container_node_pool.pools[\"default-node-pool\"]\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"google_container_node_pool\" \"pools\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster\u001B[0m\u001B[0m = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minitial_node_count\u001B[0m\u001B[0m = 1\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minstance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocation\u001B[0m\u001B[0m = \"us-central1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmanaged_instance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_pods_per_node\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"default-node-pool\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname_prefix\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_count\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_locations\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-c\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moperation\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mversion\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mautoscaling {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_node_count\u001B[0m\u001B[0m = 2\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_node_count\u001B[0m\u001B[0m = 1\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmanagement {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_repair\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_upgrade\u001B[0m\u001B[0m = true\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnode_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_size_gb\u001B[0m\u001B[0m = 64\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_type\u001B[0m\u001B[0m = \"pd-standard\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mguest_accelerator\u001B[0m\u001B[0m = []\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mimage_type\u001B[0m\u001B[0m = \"COS_CONTAINERD\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlabels\u001B[0m\u001B[0m = {\n", - " \u001B[32m+\u001B[0m \u001B[0m\"cluster_name\" = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"default-node-pool\" = \"true\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"node_pool\" = \"default-node-pool\"\n", - " }\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocal_ssd_count\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmachine_type\u001B[0m\u001B[0m = \"e2-medium\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmetadata\u001B[0m\u001B[0m = {\n", - " \u001B[32m+\u001B[0m \u001B[0m\"cluster_name\" = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"disable-legacy-endpoints\" = \"true\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"node_pool\" = \"default-node-pool\"\n", - " }\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_cpu_platform\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moauth_scopes\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"https://www.googleapis.com/auth/cloud-platform\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mpreemptible\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservice_account\u001B[0m\u001B[0m = \"terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mspot\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtags\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster-default-node-pool\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"default-node-pool\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtaint\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mshielded_instance_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_integrity_monitoring\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_secure_boot\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mworkload_metadata_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmode\u001B[0m\u001B[0m = \"GKE_METADATA\"\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mtimeouts {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcreate\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdelete\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mupdate\u001B[0m\u001B[0m = \"45m\"\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mupgrade_settings {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_surge\u001B[0m\u001B[0m = 1\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_unavailable\u001B[0m\u001B[0m = 0\n", - " }\n", - " }\n", - "\n", - "\u001B[1m # module.gke.google_container_node_pool.pools[\"medium-fltk-pool-1\"]\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"google_container_node_pool\" \"pools\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcluster\u001B[0m\u001B[0m = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minitial_node_count\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minstance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocation\u001B[0m\u001B[0m = \"us-central1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmanaged_instance_group_urls\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_pods_per_node\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"medium-fltk-pool-1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname_prefix\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_count\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnode_locations\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-c\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moperation\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mversion\u001B[0m\u001B[0m = (known after apply)\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mautoscaling {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_node_count\u001B[0m\u001B[0m = 4\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_node_count\u001B[0m\u001B[0m = 0\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mmanagement {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_repair\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_upgrade\u001B[0m\u001B[0m = true\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mnode_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_size_gb\u001B[0m\u001B[0m = 64\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdisk_type\u001B[0m\u001B[0m = \"pd-standard\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mguest_accelerator\u001B[0m\u001B[0m = []\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mimage_type\u001B[0m\u001B[0m = \"COS_CONTAINERD\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlabels\u001B[0m\u001B[0m = {\n", - " \u001B[32m+\u001B[0m \u001B[0m\"cluster_name\" = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"node_pool\" = \"medium-fltk-pool-1\"\n", - " }\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlocal_ssd_count\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmachine_type\u001B[0m\u001B[0m = \"e2-medium\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmetadata\u001B[0m\u001B[0m = {\n", - " \u001B[32m+\u001B[0m \u001B[0m\"cluster_name\" = \"freddie-testbed-cluster\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"disable-legacy-endpoints\" = \"true\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"node-pool-metadata-custom-value\" = \"medium-node-pool-fltk\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\"node_pool\" = \"medium-fltk-pool-1\"\n", - " }\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_cpu_platform\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0moauth_scopes\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mpreemptible\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mservice_account\u001B[0m\u001B[0m = \"terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mspot\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtags\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"gke-freddie-testbed-cluster-medium-fltk-pool-1\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mtaint\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m{\n", - " \u001B[32m+\u001B[0m \u001B[0meffect = \"PREFER_NO_SCHEDULE\"\n", - " \u001B[32m+\u001B[0m \u001B[0mkey = \"medium-fltk-pool-1\"\n", - " \u001B[32m+\u001B[0m \u001B[0mvalue = \"true\"\n", - " },\n", - " ]\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mshielded_instance_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_integrity_monitoring\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0menable_secure_boot\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mworkload_metadata_config {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmode\u001B[0m\u001B[0m = \"GKE_METADATA\"\n", - " }\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mtimeouts {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcreate\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdelete\u001B[0m\u001B[0m = \"45m\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mupdate\u001B[0m\u001B[0m = \"45m\"\n", - " }\n", - "\n", - " \u001B[32m+\u001B[0m \u001B[0mupgrade_settings {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_surge\u001B[0m\u001B[0m = 1\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmax_unavailable\u001B[0m\u001B[0m = 0\n", - " }\n", - " }\n", - "\n", - "\u001B[1m # module.gke.random_shuffle.available_zones\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"random_shuffle\" \"available_zones\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minput\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-a\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-b\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-c\",\n", - " \u001B[32m+\u001B[0m \u001B[0m\"us-central1-f\",\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mresult\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mresult_count\u001B[0m\u001B[0m = 3\n", - " }\n", - "\n", - "\u001B[1m # module.gke.random_string.cluster_service_account_suffix\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"random_string\" \"cluster_service_account_suffix\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlength\u001B[0m\u001B[0m = 4\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mlower\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_lower\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_numeric\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_special\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmin_upper\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnumber\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnumeric\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mresult\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mspecial\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mupper\u001B[0m\u001B[0m = false\n", - " }\n", - "\n", - "\u001B[1m # module.gcp-network.module.subnets.google_compute_subnetwork.subnetwork[\"us-central1/gcp-private-subnetwork\"]\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"google_compute_subnetwork\" \"subnetwork\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mcreation_timestamp\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mexternal_ipv6_prefix\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mfingerprint\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mgateway_address\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mip_cidr_range\u001B[0m\u001B[0m = \"10.0.0.0/17\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mipv6_cidr_range\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"gcp-private-subnetwork\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mnetwork\u001B[0m\u001B[0m = \"gcp-private-network\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mprivate_ip_google_access\u001B[0m\u001B[0m = true\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mprivate_ipv6_google_access\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mpurpose\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mregion\u001B[0m\u001B[0m = \"us-central1\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0msecondary_ip_range\u001B[0m\u001B[0m = [\n", - " \u001B[32m+\u001B[0m \u001B[0m{\n", - " \u001B[32m+\u001B[0m \u001B[0mip_cidr_range = \"192.168.0.0/18\"\n", - " \u001B[32m+\u001B[0m \u001B[0mrange_name = \"ip-range-pods\"\n", - " },\n", - " \u001B[32m+\u001B[0m \u001B[0m{\n", - " \u001B[32m+\u001B[0m \u001B[0mip_cidr_range = \"192.168.64.0/18\"\n", - " \u001B[32m+\u001B[0m \u001B[0mrange_name = \"ip-range-scv\"\n", - " },\n", - " ]\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mself_link\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mstack_type\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - "\u001B[1m # module.gcp-network.module.vpc.google_compute_network.network\u001B[0m will be created\u001B[0m\u001B[0m\n", - "\u001B[0m \u001B[32m+\u001B[0m\u001B[0m resource \"google_compute_network\" \"network\" {\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mauto_create_subnetworks\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mdelete_default_routes_on_create\u001B[0m\u001B[0m = false\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mgateway_ipv4\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mid\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0minternal_ipv6_range\u001B[0m\u001B[0m = (known after apply)\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mmtu\u001B[0m\u001B[0m = 0\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mname\u001B[0m\u001B[0m = \"gcp-private-network\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mproject\u001B[0m\u001B[0m = \"qpecs-fltk-2022\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mrouting_mode\u001B[0m\u001B[0m = \"GLOBAL\"\n", - " \u001B[32m+\u001B[0m \u001B[0m\u001B[1m\u001B[0mself_link\u001B[0m\u001B[0m = (known after apply)\n", - " }\n", - "\n", - "\u001B[0m\u001B[1mPlan:\u001B[0m 7 to add, 0 to change, 0 to destroy.\n", - "\u001B[0m\u001B[90m\n", - "───────────────────────────────────────────────────────────────────────────────\u001B[0m\n", - "\n", - "Note: You didn't use the -out option to save this plan, so Terraform can't\n", - "guarantee to take exactly these actions if you run \"terraform apply\" now.\n" + "cell_type": "code", + "execution_count": 6, + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "Updated IAM policy for serviceAccount [terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com].\n", + "bindings:\n", + "- members:\n", + " - user:jargsnork@gmail.com\n", + " role: roles/iam.serviceAccountTokenCreator\n", + "etag: BwXm1QDSgg0=\n", + "version: 1\n" ] } ], "source": [ - "terraform plan" + "OWNER_MAIL=\"jargsnork@gmail.com\"\n", + "gcloud iam service-accounts add-iam-policy-binding $PRIVILEGED_ACCOUNT_ID \\\n", + " --member=\"user:$OWNER_MAIL\" \\\n", + " --role=roles/iam.serviceAccountTokenCreator \\\n", + " --project $PROJECT_ID" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%%\n" + } + } + }, + { + "cell_type": "markdown", + "source": [ + "## Creating a Google managed cluster (GKE)\n", + "To create the cluster, first change the active directory to the `terraform-gke` directory." + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], + "source": [ + "cd terraform-gke" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%%\n" + } + } + }, + { + "cell_type": "markdown", + "source": [ + "Init the directory, to initialize the Terraform module." + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], + "source": [ + "terraform init -reconfigure" ], "metadata": { "collapsed": false, @@ -1235,9 +648,21 @@ } } }, + { + "cell_type": "markdown", + "source": [ + "Next, we can check whether we can create a cluster. No warnings or errors should occur during this process. It may take a while to complete." + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, { "cell_type": "code", - "execution_count": 13, + "execution_count": 12, "outputs": [ { "name": "stdout", @@ -1245,14 +670,14 @@ "text": [ "\u001B[0m\u001B[1mdata.google_service_account_access_token.default: Reading...\u001B[0m\u001B[0m\n", "\u001B[0m\u001B[1mdata.google_service_account_access_token.default: Read complete after 0s [id=projects/-/serviceAccounts/terraform-iam-service-account@qpecs-fltk-2022.iam.gserviceaccount.com]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_compute_zones.available: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Reading...\u001B[0m\u001B[0m\n", "\u001B[0m\u001B[1mdata.google_client_config.default: Reading...\u001B[0m\u001B[0m\n", "\u001B[0m\u001B[1mdata.google_client_config.default: Read complete after 0s [id=projects/qpecs-fltk-2022/regions//zones/]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Read complete after 0s [id=2022-08-22 14:12:56.882912 +0000 UTC]\u001B[0m\n", + "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Reading...\u001B[0m\u001B[0m\n", + "\u001B[0m\u001B[1mmodule.gke.data.google_compute_zones.available: Reading...\u001B[0m\u001B[0m\n", + "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.region: Read complete after 0s [id=2022-08-22 14:12:19.966472 +0000 UTC]\u001B[0m\n", "\u001B[0m\u001B[1mmodule.gke.data.google_compute_zones.available: Read complete after 0s [id=projects/qpecs-fltk-2022/regions/us-central1]\u001B[0m\n", "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.zone: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.zone: Read complete after 0s [id=2022-08-22 14:12:57.324072 +0000 UTC]\u001B[0m\n", + "\u001B[0m\u001B[1mmodule.gke.data.google_container_engine_versions.zone: Read complete after 0s [id=2022-08-22 14:12:20.347245 +0000 UTC]\u001B[0m\n", "\n", "Terraform used the selected providers to generate the following execution plan.\n", "Resource actions are indicated with the following symbols:\n", @@ -1766,58 +1191,16 @@ " }\n", "\n", "\u001B[0m\u001B[1mPlan:\u001B[0m 7 to add, 0 to change, 0 to destroy.\n", - "\u001B[0m\u001B[0m\u001B[1mmodule.gke.random_string.cluster_service_account_suffix: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.random_string.cluster_service_account_suffix: Creation complete after 0s [id=a1c1]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.vpc.google_compute_network.network: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.random_shuffle.available_zones: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.random_shuffle.available_zones: Creation complete after 0s [id=-]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.vpc.google_compute_network.network: Still creating... [10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.vpc.google_compute_network.network: Still creating... [20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.vpc.google_compute_network.network: Creation complete after 22s [id=projects/qpecs-fltk-2022/global/networks/gcp-private-network]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.subnets.google_compute_subnetwork.subnetwork[\"us-central1/gcp-private-subnetwork\"]: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.subnets.google_compute_subnetwork.subnetwork[\"us-central1/gcp-private-subnetwork\"]: Still creating... [10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.subnets.google_compute_subnetwork.subnetwork[\"us-central1/gcp-private-subnetwork\"]: Still creating... [20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gcp-network.module.subnets.google_compute_subnetwork.subnetwork[\"us-central1/gcp-private-subnetwork\"]: Creation complete after 23s [id=projects/qpecs-fltk-2022/regions/us-central1/subnetworks/gcp-private-subnetwork]\u001B[0m\n", - "\u001B[0m\u001B[1mdata.google_compute_subnetwork.subnetwork: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mdata.google_compute_subnetwork.subnetwork: Read complete after 0s [id=projects/qpecs-fltk-2022/regions/us-central1/subnetworks/gcp-private-subnetwork]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [30s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [40s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [50s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m0s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m30s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m40s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [1m50s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [2m0s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Still creating... [2m10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_cluster.primary: Creation complete after 2m16s [id=projects/qpecs-fltk-2022/locations/us-central1/clusters/freddie-testbed-cluster]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"medium-fltk-pool-1\"]: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Creating...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"medium-fltk-pool-1\"]: Still creating... [10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"medium-fltk-pool-1\"]: Still creating... [20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"medium-fltk-pool-1\"]: Creation complete after 22s [id=projects/qpecs-fltk-2022/locations/us-central1/clusters/freddie-testbed-cluster/nodePools/medium-fltk-pool-1]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [30s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [40s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [50s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [1m0s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [1m10s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [1m20s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Still creating... [1m30s elapsed]\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.gke.google_container_node_pool.pools[\"default-node-pool\"]: Creation complete after 1m35s [id=projects/qpecs-fltk-2022/locations/us-central1/clusters/freddie-testbed-cluster/nodePools/default-node-pool]\u001B[0m\n", - "\u001B[0m\u001B[1m\u001B[32m\n", - "Apply complete! Resources: 7 added, 0 changed, 0 destroyed.\n", - "\u001B[0m" + "\u001B[0m\u001B[90m\n", + "───────────────────────────────────────────────────────────────────────────────\u001B[0m\n", + "\n", + "Note: You didn't use the -out option to save this plan, so Terraform can't\n", + "guarantee to take exactly these actions if you run \"terraform apply\" now.\n" ] } ], "source": [ - "terraform apply -auto-approve" + "terraform plan" ], "metadata": { "collapsed": false, @@ -1826,23 +1209,55 @@ } } }, + { + "cell_type": "markdown", + "source": [ + "When the previous command completes successfully, we can start the deployment. Depending on any changes you may have done, this might take a while.\n", + "\n", + "By default, this will create a private zonal cluster consisting of two node-pools.\n", + "\n", + "⚠️ Any changes to make the deployment to a regional cluster (even with all nodepools only spanning a single region), an additional free of 0.10 USD/hour will be billed with minute increments." + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, { "cell_type": "code", - "execution_count": 15, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "Fetching cluster endpoint and auth data.\n", - "kubeconfig entry generated for freddie-testbed-cluster.\n" - ] + "execution_count": null, + "outputs": [], + "source": [ + "terraform apply -auto-approve" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%%\n" } + } + }, + { + "cell_type": "markdown", + "source": [ + "Next, we add cluster credentials (so you can interact with the cluster through `kubectl` an `helm`)." ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], "source": [ "# Add credentials for interacting with cluster via kubectl\n", - "gcloud container clusters get-credentials $CLUSTER_NAME --region $REGION --project $PROJECT_ID\n", - "cd ../terraform-kubeflow" + "gcloud container clusters get-credentials $CLUSTER_NAME --region $REGION --project $PROJECT_ID" ], "metadata": { "collapsed": false, @@ -1851,44 +1266,49 @@ } } }, + { + "cell_type": "markdown", + "source": [ + "## Installing dependencies\n", + "Lastly, we need to install the dependencies on our cluster. First change the directories, and then run the `init`, `plan` and `apply` commands as we did for creating the GKE cluster." + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, { "cell_type": "code", - "execution_count": 16, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "\u001B[0m\u001B[1mInitializing modules...\u001B[0m\n", - "\n", - "\u001B[0m\u001B[1mInitializing the backend...\u001B[0m\n", - "\n", - "\u001B[0m\u001B[1mInitializing provider plugins...\u001B[0m\n", - "- Reusing previous version of hashicorp/kubernetes from the dependency lock file\n", - "- Reusing previous version of hashicorp/google from the dependency lock file\n", - "- Reusing previous version of hashicorp/time from the dependency lock file\n", - "- Reusing previous version of hashicorp/template from the dependency lock file\n", - "- Reusing previous version of kbst/kustomization from the dependency lock file\n", - "- Reusing previous version of gavinbunney/kubectl from the dependency lock file\n", - "- Using previously-installed hashicorp/kubernetes v2.12.1\n", - "- Using previously-installed hashicorp/google v4.32.0\n", - "- Using previously-installed hashicorp/time v0.8.0\n", - "- Using previously-installed hashicorp/template v2.2.0\n", - "- Using previously-installed kbst/kustomization v0.9.0\n", - "- Using previously-installed gavinbunney/kubectl v1.14.0\n", - "\n", - "\u001B[0m\u001B[1m\u001B[32mTerraform has been successfully initialized!\u001B[0m\u001B[32m\u001B[0m\n", - "\u001B[0m\u001B[32m\n", - "You may now begin working with Terraform. Try running \"terraform plan\" to see\n", - "any changes that are required for your infrastructure. All Terraform commands\n", - "should now work.\n", - "\n", - "If you ever set or change modules or backend configuration for Terraform,\n", - "rerun this command to reinitialize your working directory. If you forget, other\n", - "commands will detect it and remind you to do so if necessary.\u001B[0m\n" - ] + "execution_count": null, + "outputs": [], + "source": [ + "cd ../terraform-kubeflow" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%%\n" } + } + }, + { + "cell_type": "markdown", + "source": [ + "Init the directory, to initialize the Terraform module." ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], "source": [ "terraform init -reconfigure" ], @@ -1899,6 +1319,21 @@ } } }, + { + "cell_type": "markdown", + "source": [ + "Check to see if we can plan the deployment. This will setup the following:\n", + "\n", + "* Kubeflow training operator (used to deploy and manage PyTorchTrainJobs programmatically)\n", + "* NFS-provisioner (used to enable logging on a persistent `ReadWriteMany` PVC in the cluster)\n" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, { "cell_type": "code", "execution_count": 17, @@ -30642,56 +30077,57 @@ } } }, + { + "cell_type": "markdown", + "source": [], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, { "cell_type": "code", "execution_count": null, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - " \u001B[1mEnter a value:\u001B[0m \u001B[0m\r\n", - "\u001B[31m╷\u001B[0m\u001B[0m\r\n", - "\u001B[31m│\u001B[0m \u001B[0m\u001B[1m\u001B[31mError: \u001B[0m\u001B[0m\u001B[1merror asking for approval: interrupted\u001B[0m\r\n", - "\u001B[31m│\u001B[0m \u001B[0m\r\n", - "\u001B[31m│\u001B[0m \u001B[0m\u001B[0m\r\n", - "\u001B[31m╵\u001B[0m\u001B[0m\r\n", - "\r\n", - "Interrupt received.\r\n", - "Please wait for Terraform to exit or data loss may occur.\r\n", - "Gracefully shutting down...\r\n", - "\r\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.template_file.config_yaml: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.template_file.config_yaml: Read complete after 0s [id=e70434e7cbdc7b7b42ddd875f3c0aa739f8612543152222cc4e6bfae9394b994]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.tensorboard-ui: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.katib: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.letsencrypt-cluster-resources: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.webhook: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_overlay.user-namespace: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_overlay.pipelines: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.profiles: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.istio-base: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_overlay.pipelines-metacontroller: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_overlay.istio-ingress: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.tensorboard-ui: Read complete after 2s [id=d8e78b828f4aa90bd0a80b015e8d939beac927c555fddd7400cadf27e27a8301782d3b34b397ee40f59f0731721568b2191c0b2b1d0c7a82ea288e369f1c8c6a]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.roles: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.letsencrypt-cluster-resources: Read complete after 4s [id=286f6cdced0fce9c87af605edbec10af650bb434f010a7568ba662e6f516b9f1ad1f0a32ca392e90a197f89b54df470d71b1a5c3c6c1898482c519ae883c4f47]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.kserve: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.katib: Read complete after 4s [id=6e446bc013cc482d2dd24d1be89ae55c1ce1361e7f2df5ef4037a7c667597aa6a45626a81143e1cff2caa4964239055c74485585453aa2d30daba0eba094c9fe]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.notebooks-ui: Reading...\u001B[0m\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.webhook: Read complete after 6s [id=d188ecdfe1fb9be673c8256917f8a774479f7215a76098ff88d57b61635a00efccef7ac90dd7edc2ba69cdb4a715814b79cfa05ecf7cb63b41fcdb107403bd6f]\u001B[0m\n", - "\u001B[0m\u001B[1mmodule.kubeflow.data.kustomization_build.volumes: Reading...\u001B[0m\u001B[0m\n" - ] + "outputs": [], + "source": [ + "terraform apply -auto-approve" + ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%%\n" } + } + }, + { + "cell_type": "markdown", + "source": [ + "## Testing the deployment\n", + "\n", + "To make sure that the deployment went OK, we can run the following command to test whether we can use Pytorch-Training operators.\n", + "\n", + "This will create a simple deployment using a Kubeflow pytorch example job." ], + "metadata": { + "collapsed": false, + "pycharm": { + "name": "#%% md\n" + } + } + }, + { + "cell_type": "code", + "execution_count": null, + "outputs": [], "source": [ - "terraform apply" + "kubectl create -f https://raw.githubusercontent.com/kubeflow/training-operator/master/examples/pytorch/simple.yaml" ], "metadata": { "collapsed": false, "pycharm": { - "name": "#%%\n", - "is_executing": true + "name": "#%%\n" } } }