GDB-10775: GraphDB Single VM GCP Deployment

- Added Terraform module for deployment in GCP Compute Engine
- Added Google Blueprint metadata YAMLs that guide the launching in GCP
- Added Makefile for easily packaging the deployment ZIP

.gitignore

@@ -0,0 +1,42 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# IDEs
+.idea/
+
+# Certificates
+*.pem
+*.p12
+*.pub
+
+# Licenses
+*.license
+
+# Deployment package
+*.zip

Makefile

@@ -0,0 +1,15 @@
+VERSION := $(shell echo "var.source_image" | terraform console | grep -oP 'graphdb-\K[0-9]+-[0-9]+-[0-9]+')
+
+# Name of the output zip file
+ZIP_NAME := "graphdb-single-vm-deployment-package-${VERSION}.zip"
+
+# Default target to create the zip
+all: package
+
+# Rule to create the zip file
+package: clean
+	zip -r $(ZIP_NAME) *.tf *.yaml LICENSE README.md
+
+# Clean target to remove the zip file
+clean:
+	rm -f $(ZIP_NAME)

README.md

@@ -1 +1,35 @@
-# gcp-deployment-package
+# GraphDB deployment package on GCP
+
+## Quickstart
+
+```shell
+terraform init
+terraform apply
+```
+
+Additionally, to specify custom values for the variables, you can use a `.tfvars` file, or specify individual
+variables on the command line, e.g. `-var project_id=<test-project>`.
+
+## Metadata
+
+To update and validate the [metadata.yaml](metadata.yaml) and [metadata.display.yaml](metadata.display.yaml) you can use Google's CFT
+tool https://pkg.go.dev/github.com/GoogleCloudPlatform/cloud-foundation-toolkit/cli/bpmetadata
+
+Run the following command in the project directory to regenerate the metadata:
+
+```bash
+cft blueprint metadata -d -p .
+```
+
+Or simply to validate:
+
+```bash
+cft blueprint metadata -v -p .
+```
+
+## Resources
+
+- Examples for configuring Blueprint metadata
+  - https://github.com/GoogleCloudPlatform/marketplace-tools/blob/master/examples/terraform/wordpress/metadata.display.yaml
+  - https://github.com/g-awmalik/terraform-google-canonical-mp/blob/main/metadata.display.yaml
+- Blueprint reference https://pkg.go.dev/github.com/GoogleCloudPlatform/cloud-foundation-toolkit/cli/bpmetadata

main.tf

@@ -0,0 +1,42 @@
+provider "google" {
+  project = var.project_id
+}
+
+resource "google_compute_instance" "graphdb" {
+  name         = var.goog_cm_deployment_name
+  machine_type = var.machine_type
+  zone         = var.zone
+
+  boot_disk {
+    initialize_params {
+      # The boot disk must be set to the variable declared in Producer Portal
+      image = var.source_image
+      size  = var.boot_disk_size
+      type = var.boot_disk_type
+    }
+  }
+
+  network_interface {
+    network = var.network_interface
+
+    access_config {
+      // Ephemeral public IP
+    }
+  }
+
+  tags = [var.goog_cm_deployment_name]
+}
+
+resource "google_compute_firewall" "rules" {
+  name        = "graphdb-allow-ingress"
+  network     = var.network_interface
+  description = "Allow inbound access to GraphDB"
+
+  allow {
+    protocol = "tcp"
+    ports    = ["7200"]
+  }
+
+  source_ranges = var.allowed_ingress_cidrs
+  target_tags   = [var.goog_cm_deployment_name]
+}

metadata.display.yaml

@@ -0,0 +1,78 @@
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: graphdb-single-vm-display
+  annotations:
+    autogenSpecType: SINGLE_VM
+    config.kubernetes.io/local-config: "true"
+spec:
+  info:
+    title: GraphDB deployment package on GCP
+    source:
+      repo: https://github.com/Ontotext-AD/gcp-deployment-package-graphdb.git
+      sourceType: git
+      dir: /
+  ui:
+    input:
+      variables:
+        allowed_ingress_cidrs:
+          name: allowed_ingress_cidrs
+          title: Allowed Ingress CIDRs
+          section: networking
+        boot_disk_size:
+          name: disk_size
+          title: Disk Size
+          section: boot_disk
+          xGoogleProperty:
+            type: ET_GCE_DISK_SIZE
+            gceDiskSize:
+              diskTypeVariable: boot_disk_type
+        boot_disk_type:
+          name: boot_disk_type
+          title: Boot Disk Type
+          section: boot_disk
+          xGoogleProperty:
+            type: ET_GCE_DISK_TYPE
+            zoneProperty: zone
+        goog_cm_deployment_name:
+          name: goog_cm_deployment_name
+          title: Goog Cm Deployment Name
+        machine_type:
+          name: machine_type
+          title: Machine Type
+          xGoogleProperty:
+            type: ET_GCE_MACHINE_TYPE
+            zoneProperty: zone
+        name:
+          name: name
+          title: Name
+        network_interface:
+          name: network_interface
+          title: Network Interface
+          section: networking
+          xGoogleProperty:
+            type: ET_GCE_NETWORK
+            gceNetwork:
+              allowSharedVpcs: true
+              machineTypeVariable: machine_type
+        project_id:
+          name: project_id
+          title: Project Id
+        source_image:
+          name: source_image
+          title: Image version
+          invisible: true
+          xGoogleProperty:
+            type: ET_GCE_DISK_IMAGE
+        zone:
+          name: zone
+          title: Zone
+          xGoogleProperty:
+            type: ET_GCE_ZONE
+      sections:
+        - name: networking
+          title: Networking
+          tooltip: Networking related configurations
+        - name: boot_disk
+          title: Boot Disk
+          tooltip: Configure the boot disk for GraphDB

metadata.yaml

@@ -0,0 +1,63 @@
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: graphdb-single-vm
+  annotations:
+    autogenSpecType: SINGLE_VM
+    config.kubernetes.io/local-config: "true"
+spec:
+  info:
+    title: GraphDB deployment package on GCP
+    source:
+      repo: https://github.com/Ontotext-AD/gcp-deployment-package-graphdb.git
+      sourceType: git
+      dir: /
+    description: {}
+  content:
+    documentation:
+      - title: GraphDB Documentation
+        url: https://graphdb.ontotext.com/documentation/
+  interfaces:
+    variables:
+      - name: allowed_ingress_cidrs
+        description: CIDR blocks that are allowed to access the GraphDB port
+        varType: list(string)
+        defaultValue:
+          - 0.0.0.0/0
+      - name: boot_disk_size
+        description: Boot disk size in GBs
+        varType: number
+        defaultValue: 500
+      - name: boot_disk_type
+        description: Type of the boot disk
+        varType: string
+        defaultValue: pd-ssd
+      - name: goog_cm_deployment_name
+        description: Deployment name
+        varType: string
+        defaultValue: graphdb
+      - name: machine_type
+        description: Type of the VM that will be created
+        varType: string
+        defaultValue: n2-highmem-8
+      - name: network_interface
+        description: The network interface to attach the VM to
+        varType: string
+        defaultValue: default
+      - name: project_id
+        description: Project in which the VM will be created
+        varType: string
+        required: true
+      - name: source_image
+        description: Defines the VM image passed from the GCP Marketplace
+        varType: string
+        defaultValue: projects/graphdb-public/global/images/ontotext-graphdb-10-7-3-202409031355
+      - name: zone
+        description: The zone where the VM will be created
+        varType: string
+        defaultValue: us-central1-a
+    outputs:
+      - name: graphdb_address
+        description: External URL address for accessing GraphDB
+      - name: instance_ip
+        description: External IP address for the GraphDB VM instance

outputs.tf

@@ -0,0 +1,14 @@
+locals {
+  network_interface = google_compute_instance.graphdb.network_interface[0]
+  instance_nat_ip   = length(local.network_interface.access_config) > 0 ? local.network_interface.access_config[0].nat_ip : null
+}
+
+output "instance_ip" {
+  description = "External IP address for the GraphDB VM instance"
+  value       =  local.instance_nat_ip
+}
+
+output "graphdb_address" {
+  description = "External URL address for accessing GraphDB"
+  value       = "http://${local.instance_nat_ip}:7200"
+}

providers.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "6.0.1"
+    }
+  }
+}

variables.tf

@@ -0,0 +1,56 @@
+# The variable "image" is declared in Producer Portal
+
+variable "source_image" {
+  description = "Defines the VM image passed from the GCP Marketplace"
+  type        = string
+  # Set the default value to your image. Marketplace will overwrite this value
+  # to a Marketplace owned image on publishing the product
+  default = "projects/graphdb-public/global/images/ontotext-graphdb-10-7-3-202409031355"
+}
+
+variable "goog_cm_deployment_name" {
+  description = "Deployment name"
+  type        = string
+  default     = "graphdb"
+}
+
+variable "project_id" {
+  description = "Project in which the VM will be created"
+  type        = string
+}
+
+variable "zone" {
+  description = "The zone where the VM will be created"
+  type        = string
+  default     = "us-central1-a"
+}
+
+variable "machine_type" {
+  description = "Type of the VM that will be created"
+  type        = string
+  default     = "n2-highmem-8"
+}
+
+variable "boot_disk_size" {
+  description = "Boot disk size in GBs"
+  type        = number
+  default     = 500
+}
+
+variable "boot_disk_type" {
+  description = "Type of the boot disk"
+  type        = string
+  default     = "pd-ssd"
+}
+
+variable "network_interface" {
+  description = "The network interface to attach the VM to"
+  type        = string
+  default     = "default"
+}
+
+variable "allowed_ingress_cidrs" {
+  description = "CIDR blocks that are allowed to access the GraphDB port"
+  type        = list(string)
+  default     = ["0.0.0.0/0"]
+}