scaffold networking

nebuly-ai · Sep 19, 2024 · e019ef2 · e019ef2
1 parent c4956ef
commit e019ef2
Show file tree

Hide file tree

Showing 10 changed files with 220 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@ secrets.auto.tfvars
 .idea/
 backend.tfvars
 .terraform.lock.hcl
+credentials.json
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
@@ -20,6 +20,12 @@ content: |-
 
   Available on [Terraform Registry](https://registry.terraform.io/modules/nebuly-ai/nebuly-platform/gcp/latest).
 
+  ## APIs to Enable
+  - sqladmin.googleapis.com 
+  - servicenetworking.googleapis.com
+  - cloudresourcemanager.googleapis.com
+
+
   ## Quickstart
 
   > ⚠️  **Prerequisite**:

diff --git a/main.tf b/main.tf
@@ -0,0 +1,116 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~>6.3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.6"
+    }
+    tls = {
+      source  = "hashicorp/tls"
+      version = "~>4.0"
+    }
+  }
+}
+
+
+# ------ Network ------ #
+resource "google_compute_network" "main" {
+  name                    = "${var.resource_prefix}-nebuly"
+  description             = "The VPC network for the Nebuly platform."
+  auto_create_subnetworks = false
+}
+resource "google_compute_global_address" "main" {
+  name          = "${var.resource_prefix}-nebuly"
+  purpose       = "VPC_PEERING"
+  address_type  = "INTERNAL"
+  prefix_length = 16
+  network       = google_compute_network.main.id
+}
+resource "google_compute_subnetwork" "main" {
+  name          = "main"
+  ip_cidr_range = "10.0.0.0/16"
+  region        = var.region
+  network       = google_compute_network.main.id
+
+  secondary_ip_range {
+    range_name    = "services-range"
+    ip_cidr_range = "10.4.0.0/16"
+  }
+
+  secondary_ip_range {
+    range_name    = "pod-ranges"
+    ip_cidr_range = "10.8.0.0/16"
+  }
+}
+
+# Private Service Access for Cloud SQL private IP
+#resource "google_service_networking_connection" "main" {
+#  network                 = google_compute_network.main.id
+#  service                 = "servicenetworking.googleapis.com"
+#  reserved_peering_ranges = [google_compute_global_address.main.name]
+#}
+#resource "google_compute_network_peering_routes_config" "main" {
+#  peering              = google_service_networking_connection.main.peering
+#  network              = google_compute_network.main.name
+#  import_custom_routes = true
+#  export_custom_routes = true
+#}
+
+
+# ------ PostgreSQL ------ #
+#resource "google_sql_database_instance" "main" {
+#  name             = "${var.resource_prefix}-nebuly"
+#  database_version = "POSTGRES_16"
+#  region           = var.region
+#
+#  settings {
+#    tier = "db-f1-micro"
+#
+#    ip_configuration {
+#      ipv4_enabled    = "false"
+#      private_network = google_compute_network.main.id
+#    }
+#  }
+#
+#  deletion_protection = false # TODO
+#
+#  depends_on = [google_service_networking_connection.main]
+#}
+#resource "google_sql_database" "analytics" {
+#  name      = "analytics"
+#  instance  = google_sql_database_instance.main.name
+#  charset   = "UTF8"
+#  collation = "en_US.UTF8"
+#}
+#resource "random_password" "analytics" {
+#  length           = 16
+#  special          = true
+#  override_special = "_%@"
+#}
+#resource "google_sql_user" "analytics" {
+#  name     = "analytics"
+#  instance = google_sql_database_instance.main.name
+#  password = random_password.analytics.result
+#}
+#resource "google_sql_database" "auth" {
+#  name      = "auth"
+#  instance  = google_sql_database_instance.main.name
+#  charset   = "UTF8"
+#  collation = "en_US.UTF8"
+#}
+#resource "random_password" "auth" {
+#  length           = 16
+#  special          = true
+#  override_special = "_%@"
+#}
+#resource "google_sql_user" "auth" {
+#  name     = "auth"
+#  instance = google_sql_database_instance.main.name
+#  password = random_password.auth.result
+#}
+#
diff --git a/tests/dev-provisioning/backend.tfvars.example b/tests/dev-provisioning/backend.tfvars.example
diff --git a/tests/dev-provisioning/credentials.json.example b/tests/dev-provisioning/credentials.json.example
diff --git a/tests/dev-provisioning/main.tf b/tests/dev-provisioning/main.tf
@@ -0,0 +1,42 @@
+# ----------- Terraform setup ----------- #
+terraform {
+  required_version = ">1.8"
+
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~>6.3"
+    }
+  }
+}
+
+provider "google" {
+  region      = var.region
+  credentials = file("${path.module}/credentials.json")
+  project = "nbllab-platform-test"
+}
+
+
+# ------ Variables ------ #
+variable "region" {
+  type = string
+}
+
+
+# ------ Main ------ #
+module "platform" {
+  source = "../.."
+
+  region          = var.region
+  resource_prefix = "nbllab"
+
+  openai_api_key              = ""
+  openai_endpoint             = ""
+  openai_gpt4_deployment_name = ""
+
+  platform_domain = "nebuly-platform.testing"
+  nebuly_credentials = {
+    client_id     = ""
+    client_secret = ""
+  }
+}
diff --git a/tests/dev-provisioning/remote_state.tf b/tests/dev-provisioning/remote_state.tf
@@ -0,0 +1,8 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "rg-shared"
+    storage_account_name = "nbllabtfstatessa"
+    container_name       = "int-test-platform-gcp-tfstate"
+    key                  = "tfstate"
+  }
+}
diff --git a/tests/dev-provisioning/terraform.auto.tfvars b/tests/dev-provisioning/terraform.auto.tfvars
@@ -0,0 +1 @@
+region = "europe-west8"
diff --git a/tests/setup/main.tf b/tests/setup/main.tf
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,46 @@
+# ------ General ------ #
+variable "region" {
+  description = "The region where the resources will be created"
+  type        = string
+}
+variable "tags" {
+  type        = map(string)
+  default     = {}
+  description = "Common tags that will be applied to all resources."
+}
+variable "resource_prefix" {
+  type        = string
+  description = "The prefix that is used for generating resource names."
+}
+variable "platform_domain" {
+  type        = string
+  description = "The domain on which the deployed Nebuly platform is made accessible."
+  validation {
+    condition     = can(regex("(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]", var.platform_domain))
+    error_message = "The domain name must be a valid domain (e.g., example.com)."
+  }
+}
+
+# ------ External credentials ------ #
+variable "openai_api_key" {
+  description = "The API Key used for authenticating with OpenAI."
+  type        = string
+}
+variable "openai_endpoint" {
+  description = "The endpoint of the OpenAI API."
+  type        = string
+}
+variable "openai_gpt4_deployment_name" {
+  description = "The name of the deployment to use for the GPT-4 model."
+  type        = string
+}
+variable "nebuly_credentials" {
+  type = object({
+    client_id : string
+    client_secret : string
+  })
+  description = <<EOT
+  The credentials provided by Nebuly are required for activating your platform installation. 
+  If you haven't received your credentials or have lost them, please contact [email protected].
+  EOT
+}