From 1062790a15a856f991be7441d1c1de9070a0c3b3 Mon Sep 17 00:00:00 2001 From: "a.gacenko" Date: Thu, 18 Jul 2024 14:53:55 +0700 Subject: [PATCH] feat: Add terraform modules Memorystore Redis [Google Cloud Platform] --- Google Cloud Platform/Memorystore/README.md | 11 +++ .../Memorystore/redis/README.md | 58 +++++++++++++ .../Memorystore/redis/docs/example/example.tf | 84 +++++++++++++++++++ .../redis/docs/example/versions.tf | 10 +++ .../Memorystore/redis/redis_cluster.tf | 21 +++++ .../Memorystore/redis/redis_instance.tf | 56 +++++++++++++ .../Memorystore/redis/variables.tf | 5 ++ .../Memorystore/redis/versions.tf | 10 +++ README.md | 1 + 9 files changed, 256 insertions(+) create mode 100644 Google Cloud Platform/Memorystore/README.md create mode 100644 Google Cloud Platform/Memorystore/redis/README.md create mode 100644 Google Cloud Platform/Memorystore/redis/docs/example/example.tf create mode 100644 Google Cloud Platform/Memorystore/redis/docs/example/versions.tf create mode 100644 Google Cloud Platform/Memorystore/redis/redis_cluster.tf create mode 100644 Google Cloud Platform/Memorystore/redis/redis_instance.tf create mode 100644 Google Cloud Platform/Memorystore/redis/variables.tf create mode 100644 Google Cloud Platform/Memorystore/redis/versions.tf diff --git a/Google Cloud Platform/Memorystore/README.md b/Google Cloud Platform/Memorystore/README.md new file mode 100644 index 0000000..e767085 --- /dev/null +++ b/Google Cloud Platform/Memorystore/README.md @@ -0,0 +1,11 @@ +# Memorystore + +## Introduction + +This is a set of terraform modules for the Google Cloud Platform provider for building a Memorystore and creating any different memorystore resources + +## Modules + +| Modules | Settings | Resources | Description | +| --- | --- | --- | --- | +| `redis` |[redis](redis/README.md)| - google_redis_instance
- google_redis_cluster | redis settings | diff --git a/Google Cloud Platform/Memorystore/redis/README.md b/Google Cloud Platform/Memorystore/redis/README.md new file mode 100644 index 0000000..b19da17 --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/README.md 
@@ -0,0 +1,58 @@ +# Redis + +## Introduction + +This is a set of terraform modules for the Google Cloud Platform provider for building a Memorystore and creating any different redis resources + +## Features + +- Supported redis instances +- Supported redis clusters + +## Settings + +| Option | Type | Required | Default value | Description | +| --- | --- | --- | --- | --- | +| `redis.is_cluster` | Bool | Yes | - | Determines which resource will be used. Possible values are: `false` for `google_redis_instance`, `true` for `google_redis_cluster`. | +| `redis.replica_count` | Int | No | 0 or 1 | The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is `[1-5]` and defaults to `2`. If read replicas are not enabled for a Standard Tier instance, the only valid value is `1` and the default is `1`. The valid value for basic tier is `0` and the default is also `0`. | +| `redis.redis_configs` | Map | No | {} | Redis configuration parameters, according to [official documentation](http://redis.io/topics/config). Please check [Memorystore documentation](https://cloud.google.com/memorystore/docs/redis/reference/rest/v1/projects.locations.instances#Instance.FIELDS.redis_configs) for the list of supported parameter. | +| `redis.region` | String | No | null | The name of the Redis region of the instance. | +| `redis.project` | String | No | null | The ID of the project in which the resource belongs. If it is not provided, the provider project is used. | +| `redis.memory_size_gb` | Int | Yes | - | Redis memory size in GiB. Used only if `redis.is_cluster` is `false`. | +| `redis.alternative_location_id` | String | No | null | Only applicable to `STANDARD_HA` tier which protects the instance against zonal failures by provisioning it across two zones. If provided, it must be a different zone from the one provided in `redis.alternative_location_id`. Used only if `redis.is_cluster` is `false`. 
| +| `redis.auth_enabled` | Bool | No | false | Indicates whether OSS Redis AUTH is enabled for the instance. If set to `true` AUTH is enabled on the instance. Default value is `false` meaning AUTH is disabled. Used only if `redis.is_cluster` is `false`. | +| `redis.authorized_network` | String | No | null | The full name of the Google Compute Engine network to which the instance is connected. If left unspecified, the default network will be used. Used only if `redis.is_cluster` is `false`. | +| `redis.connect_mode` | String | No | DIRECT_PEERING | The connection mode of the Redis instance. Default value is `DIRECT_PEERING`. Possible values are: `DIRECT_PEERING`, `PRIVATE_SERVICE_ACCESS`. Used only if `redis.is_cluster` is `false`. | +| `redis.display_name` | String | No | null | An arbitrary and optional user-provided name for the instance. Used only if `redis.is_cluster` is `false`. Used only if `redis.is_cluster` is `false`. | +| `redis.labels` | Map | No | {} | Resource labels to represent user provided metadata. **Note:** This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effective_labels` for all of the labels present on the resource. Used only if `redis.is_cluster` is `false`. Used only if `redis.is_cluster` is `false`. | +| `redis.location_id` | String | No | null | The zone where the instance will be provisioned. If not provided, the service will choose a zone for the instance. For `STANDARD_HA` tier, instances will be created across two zones for protection against zonal failures. If `redis.alternative_location_id` is also provided, it must be different from `redis.location_id`. Used only if `redis.is_cluster` is `false`. Used only if `redis.is_cluster` is `false`. | +| `redis.persistence_config` | List | No | [] | Persistence configuration for an instance. Used only if `redis.is_cluster` is `false`. 
| +| `redis.persistence_config.persistence_mode` | String | Yes | - | Controls whether Persistence features are enabled. If not provided, the existing value will be used. `DISABLED`: Persistence is disabled for the instance, and any existing snapshots are deleted. `RDB`: RDB based Persistence is enabled. Possible values are: `DISABLED`, `RDB`. | +| `redis.persistence_config.rdb_snapshot_period` | String | No | null | Available snapshot periods for scheduling. Possible values are: `ONE_HOUR`, `SIX_HOURS`, `TWELVE_HOURS`, `TWENTY_FOUR_HOURS`. | +| `redis.persistence_config.rdb_snapshot_start_time` | String | No | null | Date and time that the first snapshot was/will be attempted, and to which future snapshots will be aligned. If not provided, the current time will be used. A timestamp in **RFC3339** **UTC** "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `2024-10-02T15:01:23Z` and `2024-10-02T15:01:23.045123456Z`. | +| `redis.maintenance_policy` | List | No | [] | Maintenance policy for an instance. Used only if `redis.is_cluster` is `false`. | +| `redis.maintenance_policy.description` | String | No | null | Description of what this policy is for. Create/Update methods return **INVALID_ARGUMENT** if the length is greater than 512. | +| `redis.maintenance_policy.weekly_maintenance_window` | List | No | [] | Maintenance window that is applied to resources covered by this policy. **Minimum 1**. For the current version, the maximum number of `weekly_window` is expected to be one. Used only if `redis.is_cluster` is `false`. | +| `redis.maintenance_policy.weekly_maintenance_window.day` | String | Yes | - | The day of week that maintenance updates occur. Possible values are: `DAY_OF_WEEK_UNSPECIFIED`, `MONDAY`, `TUESDAY`, `WEDNESDAY`, `THURSDAY`, `FRIDAY`, `SATURDAY`, `SUNDAY`. | +| `redis.maintenance_policy.weekly_maintenance_window.start_time` | List | Yes | - | Start time of the window in UTC time. 
| +| `redis.maintenance_policy.weekly_maintenance_window.hours` | String | No | null | Hours of day in 24 hour format. Should be from `0 to 23`. An API may choose to allow the value `24:00:00` for scenarios like business closing time. | +| `redis.maintenance_policy.weekly_maintenance_window.minutes` | String | No | null | Minutes of hour of day. Must be from `0 to 59`. | +| `redis.maintenance_policy.weekly_maintenance_window.seconds` | String | No | null | Seconds of minutes of the time. Must normally be from `0 to 59`. An API may allow the value `60` if it allows leap-seconds. | +| `redis.maintenance_policy.weekly_maintenance_window.nanos` | String | No | null | Fractions of seconds in nanoseconds. Must be from `0 to 999,999,999`. | +| `redis.redis_version` | String | No | null | The version of Redis software. If not provided, latest supported version will be used. Please check the [API documentation](https://cloud.google.com/memorystore/docs/redis/reference/rest/v1/projects.locations.instances) for the latest valid values. Possible values are: `REDIS_3_2`, `REDIS_4_0`, `REDIS_5_0`, `REDIS_6_X`, `REDIS_7_0`. Used only if `redis.is_cluster` is `false`. | +| `redis.reserved_ip_range` | String | No | null | The CIDR range of internal addresses that are reserved for this instance. If not provided, the service will choose an unused **/29** block, for example, `10.0.0.0/29` or `192.168.0.0/29`. Ranges must be unique and non-overlapping with existing subnets in an authorized network. Used only if `redis.is_cluster` is `false`. | +| `redis.tier` | String | No | BASIC | The service tier of the instance. Must be one of these values: `BASIC`: standalone instance. `STANDARD_HA`: highly available primary/replica instances. Default value is `BASIC`. Possible values are: `BASIC`, `STANDARD_HA`. Used only if `redis.is_cluster` is `false`. 
| +| `redis.transit_encryption_mode` | String | No | DISABLED | The TLS mode of the Redis instance, If not provided, TLS is disabled for the instance. `SERVER_AUTHENTICATION`: Client to Server traffic encryption enabled with server authentication. Default value is `DISABLED`. Possible values are: `SERVER_AUTHENTICATION`, `DISABLED`. Used only if `redis.is_cluster` is `false`. | +| `redis.read_replicas_mode` | String | No | READ_REPLICAS_DISABLED | Read replica mode. Can only be specified when trying to create the instance. If not set, Memorystore Redis backend will default to `READ_REPLICAS_DISABLED`. `READ_REPLICAS_DISABLED`: If disabled, read endpoint will not be provided and the instance cannot scale up or down the number of replicas. `READ_REPLICAS_ENABLED`: If enabled, read endpoint will be provided and the instance can scale up and down the number of replicas. Possible values are: `READ_REPLICAS_DISABLED`, `READ_REPLICAS_ENABLED`. Used only if `redis.is_cluster` is `false`. | +| `redis.secondary_ip_range` | String | No | null | Additional IP range for node placement. Required when enabling read replicas on an existing instance. For `redis.connect_mode = DIRECT_PEERING` mode value must be a CIDR range of size **/28**, or "auto". For `redis.connect_mode = PRIVATE_SERVICE_ACCESS` mode value must be the name of an allocated address range associated with the private service access connection, or "auto". Used only if `redis.is_cluster` is `false`. | +| `redis.customer_managed_key` | String | No | null | The KMS key reference that you want to use to encrypt the data at rest for this Redis instance. If this is provided, CMEK is enabled. Used only if `redis.is_cluster` is `false`. | +| `redis.shard_count` | Int | Yes | - | Number of shards for the Redis cluster. Used only if `redis.is_cluster` is `true`. 
| +| `redis.psc_configs` | List | Yes | - | Each PscConfig configures the consumer network where two network addresses will be designated to the cluster for client access. Currently, only one PscConfig is supported. Used only if `redis.is_cluster` is `true`. | +| `redis.psc_configs.network` | String | Yes | - | The consumer network where the network address of the discovery endpoint will be reserved. Used only if `redis.is_cluster` is `true`. | +| `redis.authorization_mode` | String | No | AUTH_MODE_DISABLED | The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. Default value is `AUTH_MODE_DISABLED`. Possible values are: `AUTH_MODE_UNSPECIFIED`, `AUTH_MODE_IAM_AUTH`, `AUTH_MODE_DISABLED`. Used only if `redis.is_cluster` is `true`. | +| `redis.transit_encryption_mode` | String | No | TRANSIT_ENCRYPTION_MODE_DISABLED | The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. Default value is `TRANSIT_ENCRYPTION_MODE_DISABLED`. Possible values are: `TRANSIT_ENCRYPTION_MODE_UNSPECIFIED`, `TRANSIT_ENCRYPTION_MODE_DISABLED`, `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION`. Used only if `redis.is_cluster` is `true`. | +| `redis.node_type` | String | No | REDIS_HIGHMEM_MEDIUM | The nodeType for the Redis cluster. If not provided, `REDIS_HIGHMEM_MEDIUM` will be used as default Possible values are: `REDIS_SHARED_CORE_NANO`, `REDIS_HIGHMEM_MEDIUM`, `REDIS_HIGHMEM_XLARGE`, `REDIS_STANDARD_SMALL`. Used only if `redis.is_cluster` is `true`. | + +## Example + +Usage example located in this [directory](docs/example). diff --git a/Google Cloud Platform/Memorystore/redis/docs/example/example.tf b/Google Cloud Platform/Memorystore/redis/docs/example/example.tf new file mode 100644 index 0000000..5140297 --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/docs/example/example.tf 
@@ -0,0 +1,84 @@ +provider "google" { + credentials = file("project-credentials.json") + project = YOUR_PROJECT_ID + region = YOUR_REGION +} + +terraform { + backend "gcs" { + bucket = "name-your-bucket-1" + prefix = "terraform/memorystore/redis/state" + credentials = "project-credentials.json" + } +} + +data "terraform_remote_state" "vpc" { + backend = "gcs" + config = { + bucket = "name-your-bucket-1" + prefix = "terraform/networks/networks/state" + credentials = "project-credentials.json" + } +} + +module "redis" { + source = "github.com/nixys/nxs-marketplace-terraform/Google Cloud Platform/Memorystore/redis" + + redis = { + ha-memory-cache-persis = { + is_cluster = false + memory_size_gb = 5 + location_id = "us-central1-a" + alternative_location_id = "us-central1-f" + display_name = "Redis HA persistent" + tier = "STANDARD_HA" + + persistence_config = [{ + persistence_mode = "RDB" + rdb_snapshot_period = "TWENTY_FOUR_HOURS" + rdb_snapshot_start_time = "2024-01-01T00:00:00Z" + }] + + maintenance_policy = [{ + description = "Base maintenance policy" + weekly_maintenance_window = [{ + day = "SATURDAY" + start_time = [{ + hours = 4 + }] + }] + }] + } + + memory-cache-nonpersis = { + is_cluster = false + + memory_size_gb = 2 + location_id = "us-central1-a" + display_name = "Redis non-HA non-persistent" + tier = "BASIC" + redis_version = "REDIS_7_0" + labels = { + system = "redis" + } + + persistence_config = [{ + persistence_mode = "DISABLED" + }] + } + + redis-cluster-ha = { + is_cluster = true + + shard_count = 3 + + psc_configs = [{ + network = data.terraform_remote_state.vpc.outputs.vpc_ids["redis-cluster-network"] + }] + + transit_encryption_mode = "TRANSIT_ENCRYPTION_MODE_DISABLED" + node_type = "REDIS_SHARED_CORE_NANO" + replica_count = 0 + } + } +} diff --git a/Google Cloud Platform/Memorystore/redis/docs/example/versions.tf b/Google Cloud Platform/Memorystore/redis/docs/example/versions.tf new file mode 100644 index 0000000..985b091 --- /dev/null 
+++ b/Google Cloud Platform/Memorystore/redis/docs/example/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= v1.0.0" + + required_providers { + google = { + source = "hashicorp/google" + version = ">= 5.17.0" + } + } +} \ No newline at end of file diff --git a/Google Cloud Platform/Memorystore/redis/redis_cluster.tf b/Google Cloud Platform/Memorystore/redis/redis_cluster.tf new file mode 100644 index 0000000..4608cfb --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/redis_cluster.tf @@ -0,0 +1,21 @@ +resource "google_redis_cluster" "redis_cluster" { + for_each = { for k, v in var.redis : k => v if v.is_cluster } + + name = each.key + shard_count = each.value.shard_count + + dynamic "psc_configs" { + for_each = each.value.psc_configs + content { + network = psc_configs.value.network + } + } + + authorization_mode = try(each.value.authorization_mode, null) + transit_encryption_mode = try(each.value.transit_encryption_mode, null) + node_type = try(each.value.node_type, null) + replica_count = try(each.value.replica_count, null) + redis_configs = try(each.value.redis_configs, null) + region = try(each.value.region, null) + project = try(each.value.project, null) +} \ No newline at end of file diff --git a/Google Cloud Platform/Memorystore/redis/redis_instance.tf b/Google Cloud Platform/Memorystore/redis/redis_instance.tf new file mode 100644 index 0000000..15b6f0d --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/redis_instance.tf 
@@ -0,0 +1,56 @@ +resource "google_redis_instance" "redis_instance" { + for_each = { for k, v in var.redis : k => v if !v.is_cluster } + + name = each.key + memory_size_gb = each.value.memory_size_gb + location_id = try(each.value.location_id, null) + alternative_location_id = try(each.value.alternative_location_id, null) + auth_enabled = try(each.value.auth_enabled, null) + authorized_network = try(each.value.authorized_network, null) + connect_mode = try(each.value.connect_mode, null) + display_name = try(each.value.display_name, null) + labels = try(each.value.labels, null) + redis_configs = try(each.value.redis_configs, null) + + dynamic "persistence_config" { + for_each = try(each.value.persistence_config, []) + content { + persistence_mode = persistence_config.value.persistence_mode + rdb_snapshot_period = try(persistence_config.value.rdb_snapshot_period, null) + rdb_snapshot_start_time = try(persistence_config.value.rdb_snapshot_start_time, null) + } + } + + dynamic "maintenance_policy" { + for_each = try(each.value.maintenance_policy, []) + content { + description = try(maintenance_policy.value.description, null) + dynamic "weekly_maintenance_window" { + for_each = try(maintenance_policy.value.weekly_maintenance_window, []) + content { + day = weekly_maintenance_window.value.day + dynamic "start_time" { + for_each = weekly_maintenance_window.value.start_time + content { + hours = try(start_time.value.hours, null) + minutes = try(start_time.value.minutes, null) + seconds = try(start_time.value.seconds, null) + nanos = try(start_time.value.nanos, null) + } + } + } + } + } + } + + redis_version = try(each.value.redis_version, null) + reserved_ip_range = try(each.value.reserved_ip_range, null) + tier = try(each.value.tier, null) + transit_encryption_mode = try(each.value.transit_encryption_mode, null) + replica_count = try(each.value.replica_count, null) + read_replicas_mode = try(each.value.read_replicas_mode, null) + secondary_ip_range = 
try(each.value.secondary_ip_range, null) + customer_managed_key = try(each.value.customer_managed_key, null) + region = try(each.value.region, null) + project = try(each.value.project, null) +} \ No newline at end of file diff --git a/Google Cloud Platform/Memorystore/redis/variables.tf b/Google Cloud Platform/Memorystore/redis/variables.tf new file mode 100644 index 0000000..d959cc7 --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/variables.tf @@ -0,0 +1,5 @@ +variable "redis" { + description = "Create instances for Redis in Memorystore" + type = any + default = {} +} \ No newline at end of file diff --git a/Google Cloud Platform/Memorystore/redis/versions.tf b/Google Cloud Platform/Memorystore/redis/versions.tf new file mode 100644 index 0000000..985b091 --- /dev/null +++ b/Google Cloud Platform/Memorystore/redis/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= v1.0.0" + + required_providers { + google = { + source = "hashicorp/google" + version = ">= 5.17.0" + } + } +} \ No newline at end of file diff --git a/README.md b/README.md index 76147ed..824df92 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,7 @@ The available variables are listed in each modules's README file, along with the 3. [SQL](https://github.com/nixys/nxs-marketplace-terraform/blob/main/Google%20Cloud%20Platform/SQL/README.md) - create resources in SQL 4. [Net-Services](https://github.com/nixys/nxs-marketplace-terraform/blob/main/Google%20Cloud%20Platform/Net-Services/README.md) - create resources in Net-Services 5. [Kubernetes-Engine](https://github.com/nixys/nxs-marketplace-terraform/blob/main/Google%20Cloud%20Platform/Kubernetes-Engine/README.md) - create resources in Kubernetes +6. [Memorystore](https://github.com/nixys/nxs-marketplace-terraform/blob/main/Google%20Cloud%20Platform/Memorystore/README.md) - create resources in Memorystore
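Review bot: in `Memorystore/redis/README.md`, the `redis.alternative_location_id` row says the zone must differ from the one provided in `redis.alternative_location_id`, which refers to itself; it should name `redis.location_id`, as the `redis.location_id` row already does. In the same table, the `hours`, `minutes`, `seconds` and `nanos` rows are listed directly under `weekly_maintenance_window`, although `redis_instance.tf` reads them from inside `start_time`, and their type is given as String while the example passes `hours = 4`. The `display_name`, `labels` and `location_id` rows also repeat the sentence "Used only if `redis.is_cluster` is `false`." twice.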
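Review bot: in `docs/example/example.tf`, the `redis-cluster-ha` entry sets `transit_encryption_mode = "TRANSIT_ENCRYPTION_MODE_DISABLED"` and omits `authorization_mode`, and neither instance entry sets `auth_enabled` or `transit_encryption_mode`, so every resource in the usage example comes up without authentication or TLS. Examples get copied as they stand, so it would be better to show `AUTH_MODE_IAM_AUTH` with `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION` for the cluster and `auth_enabled = true` with `SERVER_AUTHENTICATION` for the instances. Separately, `project = YOUR_PROJECT_ID` and `region = YOUR_REGION` in the provider block are unquoted, so Terraform reads them as references rather than strings and the example fails as written; quoting the placeholders fixes that.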
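Review bot: in `redis_cluster.tf`, `authorization_mode = try(each.value.authorization_mode, null)` and the `transit_encryption_mode` line below it fall back to `null`, which according to the README table in this patch means `AUTH_MODE_DISABLED` and `TRANSIT_ENCRYPTION_MODE_DISABLED`. Consider using `AUTH_MODE_IAM_AUTH` and `TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION` as the fallbacks, so that a caller has to opt out of authentication and in-transit encryption explicitly, and update the "Default value" column to match.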
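Review bot: in `redis_instance.tf`, three fallbacks to `null` leave the instance open by default: `auth_enabled` (README default `false`), `transit_encryption_mode` (README default `DISABLED`) and `authorized_network` (README: "If left unspecified, the default network will be used"). Suggest falling back to `true` and `SERVER_AUTHENTICATION` for the first two, and reading `authorized_network` without `try()` so that the network an instance is attached to is always a deliberate choice.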
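Review bot: in `variables.tf`, `type = any` with no `validation` block means a misspelled key in a `redis` entry is never reported. Both resource files read optional fields through `try(each.value.<key>, null)`, so a typo in `auth_enabled`, `authorization_mode` or `transit_encryption_mode` silently produces the disabled default instead of an error. A `validation` block that rejects keys outside the documented set would catch this at plan time. It could also check that `transit_encryption_mode` matches the resource selected by `is_cluster`, since the README lists different allowed values for instances and clusters under the same key.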