From b4a426283911304444d01ab459cd98289ed5bcf7 Mon Sep 17 00:00:00 2001 From: Petri Autero Date: Thu, 28 Mar 2019 12:45:31 +0200 Subject: [PATCH 1/3] Use the recently introduced ip outputs --- examples/mysql-private-ip/main.tf | 1 + examples/mysql-private-ip/outputs.tf | 9 ++---- examples/mysql-public-ip/main.tf | 1 + examples/mysql-public-ip/outputs.tf | 9 ++---- examples/mysql-replicas/main.tf | 1 + examples/mysql-replicas/outputs.tf | 17 ++++------ examples/postgres-private-ip/main.tf | 1 + examples/postgres-private-ip/outputs.tf | 9 ++---- examples/postgres-public-ip/main.tf | 1 + examples/postgres-public-ip/outputs.tf | 9 ++---- examples/postgres-replicas/main.tf | 1 + examples/postgres-replicas/outputs.tf | 13 +++----- modules/cloud-sql/README.md | 9 +++--- modules/cloud-sql/outputs.tf | 41 +++++++++++++++++-------- 14 files changed, 57 insertions(+), 65 deletions(-) diff --git a/examples/mysql-private-ip/main.tf b/examples/mysql-private-ip/main.tf index 662f45e..ff02d45 100644 --- a/examples/mysql-private-ip/main.tf +++ b/examples/mysql-private-ip/main.tf @@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/mysql-private-ip/outputs.tf b/examples/mysql-private-ip/outputs.tf index ef89a99..50b3a36 100644 --- a/examples/mysql-private-ip/outputs.tf +++ b/examples/mysql-private-ip/outputs.tf 
@@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.mysql.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.mysql.master_ip_addresses}" -} - output "master_private_ip" { - description = "The first IPv4 address of the addresses assigned to the instance. As this instance has only private IP, it is the private IP address." - value = "${module.mysql.master_first_ip_address}" + description = "The private IPv4 address of the master instance." + value = "${module.mysql.master_private_ip_address}" } output "master_instance" { diff --git a/examples/mysql-public-ip/main.tf b/examples/mysql-public-ip/main.tf index 0adc979..4864a58 100644 --- a/examples/mysql-public-ip/main.tf +++ b/examples/mysql-public-ip/main.tf @@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/mysql-public-ip/outputs.tf b/examples/mysql-public-ip/outputs.tf index 20d103c..51b2846 100644 --- a/examples/mysql-public-ip/outputs.tf +++ b/examples/mysql-public-ip/outputs.tf 
@@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.mysql.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.mysql.master_ip_addresses}" -} - output "master_public_ip" { - description = "The first IPv4 address of the addresses assigned to the instance. As this instance has only public IP, it is the public IP address." - value = "${module.mysql.master_first_ip_address}" + description = "The public IPv4 address of the master instance." + value = "${module.mysql.master_public_ip_address}" } output "master_ca_cert" { diff --git a/examples/mysql-replicas/main.tf b/examples/mysql-replicas/main.tf index 7df6faf..646cf96 100644 --- a/examples/mysql-replicas/main.tf +++ b/examples/mysql-replicas/main.tf @@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/mysql-replicas/outputs.tf b/examples/mysql-replicas/outputs.tf index 18f12fd..9e501cc 100644 --- a/examples/mysql-replicas/outputs.tf +++ b/examples/mysql-replicas/outputs.tf 
@@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.mysql.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.mysql.master_ip_addresses}" -} - output "master_public_ip" { - description = "The first IPv4 address of the addresses assigned to the master instance. As this instance has only public IP, it is the public IP address." - value = "${module.mysql.master_first_ip_address}" + description = "The public IPv4 address of the master instance." + value = "${module.mysql.master_public_ip_address}" } output "master_instance" { @@ -56,8 +51,8 @@ output "failover_instance_name" { } output "failover_public_ip" { - description = "The first IPv4 address of the addresses assigned to the failover instance. As this instance has only public IP, it is the public IP address." - value = "${module.mysql.failover_first_ip_address}" + description = "The public IPv4 address of the failover instance" + value = "${module.mysql.failover_public_ip_address}" } output "failover_proxy_connection" { @@ -75,8 +70,8 @@ output "read_replica_instance_names" { } output "read_replica_public_ips" { - description = "List of first IPv4 addresses of the addresses assigned to the read replica instances. As the instances have only public IP in the example, the are the public IP addresses." - value = ["${module.mysql.read_replica_first_ip_addresses}"] + description = "List of public IPv4 addresses of the read replica instances" + value = ["${module.mysql.read_replica_public_ip_addresses}"] } output "read_replica_instances" { diff --git a/examples/postgres-private-ip/main.tf b/examples/postgres-private-ip/main.tf index c467e1f..a3cccac 100644 --- a/examples/postgres-private-ip/main.tf +++ b/examples/postgres-private-ip/main.tf 
@@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/postgres-private-ip/outputs.tf b/examples/postgres-private-ip/outputs.tf index edc31db..eb5f424 100644 --- a/examples/postgres-private-ip/outputs.tf +++ b/examples/postgres-private-ip/outputs.tf @@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.postgres.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.postgres.master_ip_addresses}" -} - output "master_private_ip" { - description = "The first IPv4 address of the addresses assigned to the instance. As this instance has only private IP, it is the private IP address." - value = "${module.postgres.master_first_ip_address}" + description = "The private IPv4 address of the master instance" + value = "${module.postgres.master_private_ip_address}" } output "master_instance" { diff --git a/examples/postgres-public-ip/main.tf b/examples/postgres-public-ip/main.tf index 7ea0a08..0e5d6bf 100644 --- a/examples/postgres-public-ip/main.tf +++ b/examples/postgres-public-ip/main.tf @@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/postgres-public-ip/outputs.tf b/examples/postgres-public-ip/outputs.tf index d3c41aa..4dab31c 100644 --- a/examples/postgres-public-ip/outputs.tf +++ b/examples/postgres-public-ip/outputs.tf 
@@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.postgres.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.postgres.master_ip_addresses}" -} - output "master_public_ip" { - description = "The first IPv4 address of the addresses assigned to the instance. As this instance has only public IP, it is the public IP address." - value = "${module.postgres.master_first_ip_address}" + description = "The public IPv4 address of the master instance" + value = "${module.postgres.master_public_ip_address}" } output "master_ca_cert" { diff --git a/examples/postgres-replicas/main.tf b/examples/postgres-replicas/main.tf index dd5005d..8713c1f 100644 --- a/examples/postgres-replicas/main.tf +++ b/examples/postgres-replicas/main.tf @@ -7,6 +7,7 @@ # ------------------------------------------------------------------------------ provider "google-beta" { + version = "~> 2.1.0" region = "${var.region}" project = "${var.project}" } diff --git a/examples/postgres-replicas/outputs.tf b/examples/postgres-replicas/outputs.tf index e57016d..9838b97 100644 --- a/examples/postgres-replicas/outputs.tf +++ b/examples/postgres-replicas/outputs.tf 
@@ -7,14 +7,9 @@ output "master_instance_name" { value = "${module.postgres.master_instance_name}" } -output "master_ip_addresses" { - description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" - value = "${module.postgres.master_ip_addresses}" -} - output "master_public_ip" { - description = "The first IPv4 address of the addresses assigned to the master instance. As this instance has only public IP, it is the public IP address." - value = "${module.postgres.master_first_ip_address}" + description = "The public IPv4 address of the master instance" + value = "${module.postgres.master_public_ip_address}" } output "master_instance" { @@ -51,8 +46,8 @@ output "read_replica_instance_names" { } output "read_replica_public_ips" { - description = "List of first IPv4 addresses of the addresses assigned to the read replica instances. As the instances have only public IP in the example, the are the public IP addresses." - value = ["${module.postgres.read_replica_first_ip_addresses}"] + description = "List of public IPv4 addresses of the read replica instances" + value = ["${module.postgres.read_replica_public_ip_addresses}"] } output "read_replica_instances" { diff --git a/modules/cloud-sql/README.md b/modules/cloud-sql/README.md index c3059bb..ec510f2 100644 --- a/modules/cloud-sql/README.md +++ b/modules/cloud-sql/README.md 
@@ -25,16 +25,17 @@ You can also use the [Cloud SQL Proxy for MySQL](https://cloud.google.com/sql/do to connect to an instance that is also configured to use private IP. The proxy can connect using either the private IP address or a public IP address. This module provides the connection details as [Terraform output -variables](https://www.terraform.io/intro/getting-started/outputs.html): +variables](https://www.terraform.io/intro/getting-started/outputs.html). Use the public / private addresses depending on your configuration: -1. **Master First IP Address** `master_first_ip_address`: The first IPv4 address of the addresses assigned to the instance. If the instance has only public IP, it is the [public IP address](https://cloud.google.com/sql/docs/mysql/connect-admin-ip). If it has only private IP, it the [private IP address](https://cloud.google.com/sql/docs/mysql/private-ip). If it has both, it is the first item in the list and full IP address details are in `master_ip_addresses`. +1. **Master Public IP Address** `master_public_ip_address`: The public IPv4 address of the master instance. +1. **Master Private IP Address** `master_private_ip_address`: The private IPv4 address of the master instance. 1. **Master Proxy connection** `master_proxy_connection`: Instance path for connecting with Cloud SQL Proxy; see [Connecting mysql Client Using the Cloud SQL Proxy](https://cloud.google.com/sql/docs/mysql/connect-admin-proxy). -1. **Read Replica First IP Addresses** `read_replica_first_ip_addresses`: A list of all read replica IP addresses in the cluster. Use these addresses for reads (see "How do you scale this database?" below). +1. **Read Replica Public IP Addresses** `read_replica_public_ip_addresses`: A list of read replica public IP addresses in the cluster. Use these addresses for reads (see "How do you scale this database?" below). +1. 
**Read Replica Private IP Addresses** `read_replica_private_ip_addresses`: A list of read replica private IP addresses in the cluster. Use these addresses for reads (see "How do you scale this database?" below). 1. **Read Replica Proxy Connections** `read_replica_proxy_connections`: A list of instance paths for connecting with Cloud SQL Proxy; see [Connecting Using the Cloud SQL Proxy](https://cloud.google.com/sql/docs/mysql/connect-admin-proxy). - You can programmatically extract these variables in your Terraform templates and pass them to other resources. You'll also see the variables at the end of each `terraform apply` call or if you run `terraform output`. diff --git a/modules/cloud-sql/outputs.tf b/modules/cloud-sql/outputs.tf index f72ee1f..2e278ab 100644 --- a/modules/cloud-sql/outputs.tf +++ b/modules/cloud-sql/outputs.tf 
@@ -7,16 +7,21 @@ output "master_instance_name" { value = "${google_sql_database_instance.master.name}" } +output "master_public_ip_address" { + description = "The public IPv4 address of the master instance." + value = "${google_sql_database_instance.master.public_ip_address}" +} + +output "master_private_ip_address" { + description = "The public IPv4 address of the master instance." + value = "${google_sql_database_instance.master.private_ip_address}" +} + output "master_ip_addresses" { description = "All IP addresses of the master instance JSON encoded, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" value = "${jsonencode(google_sql_database_instance.master.ip_address)}" } -output "master_first_ip_address" { - description = "The first IPv4 address of the addresses assigned to the master instance. If the instance has only public IP, it is the public IP address. If it has only private IP, it the private IP address. If it has both, it is the first item in the list and full IP address details are in 'instance_ip_addresses'" - value = "${google_sql_database_instance.master.first_ip_address}" -} - output "master_instance" { description = "Self link to the master instance" value = "${google_sql_database_instance.master.self_link}" 
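Review bot: The new `master_private_ip_address` output carries the description "The public IPv4 address of the master instance." although its value is `google_sql_database_instance.master.private_ip_address`; it looks copied from the output just above it. Consumers read these descriptions in the module documentation when deciding which address belongs in a firewall rule or client configuration, so a private address labelled public invites misuse. It should read `description = "The private IPv4 address of the master instance."`. The failover and read-replica outputs added in the later hunks of this file already use the correct wording.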
@@ -79,16 +84,21 @@ output "failover_instance_name" { value = "${join("", google_sql_database_instance.failover_replica.*.name)}" } +output "failover_public_ip_address" { + description = "The public IPv4 address of the failover instance." + value = "${join("", google_sql_database_instance.failover_replica.*.public_ip_address)}" +} + +output "failover_private_ip_address" { + description = "The private IPv4 address of the failover instance." + value = "${join("", google_sql_database_instance.failover_replica.*.private_ip_address)}" +} + output "failover_ip_addresses" { description = "All IP addresses of the failover instance JSON encoded, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" value = "${jsonencode(google_sql_database_instance.failover_replica.*.ip_address)}" } -output "failover_first_ip_address" { - description = "The first IPv4 address of the addresses assigned to the failover instance. If the instance has only public IP, it is the public IP address. If it has only private IP, it the private IP address. If it has both, it is the first item in the list and full IP address details are in 'instance_ip_addresses'" - value = "${join("", google_sql_database_instance.failover_replica.*.first_ip_address)}" -} - output "failover_instance" { description = "Self link to the failover instance" value = "${join("", google_sql_database_instance.failover_replica.*.self_link)}" 
@@ -142,9 +152,14 @@ output "read_replica_ip_addresses" { value = "${jsonencode(google_sql_database_instance.read_replica.*.ip_address)}" } -output "read_replica_first_ip_addresses" { - description = "List of first IPv4 addresses of the addresses assigned to the read replica instances. If the instance has only public IP, it is the public IP address. If it has only private IP, it the private IP address. If it has both, it is the first item in the list and full IP address details are in 'instance_ip_addresses'" - value = ["${google_sql_database_instance.read_replica.*.first_ip_address}"] +output "read_replica_public_ip_addresses" { + description = "List of public IPv4 addresses of the read replica instances." + value = ["${google_sql_database_instance.read_replica.*.public_ip_address}"] +} + +output "read_replica_private_ip_addresses" { + description = "List of private IPv4 addresses of the read replica instances." + value = ["${google_sql_database_instance.read_replica.*.private_ip_address}"] } output "read_replica_instances" { From 19a826afa958716f5d416611dc3214798eeb8ca1 Mon Sep 17 00:00:00 2001 From: Petri Autero Date: Thu, 28 Mar 2019 13:16:18 +0200 Subject: [PATCH 2/3] Restore the master_ip_addresses because they're required by output validation --- examples/mysql-private-ip/outputs.tf | 5 +++++ examples/postgres-private-ip/outputs.tf | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/examples/mysql-private-ip/outputs.tf b/examples/mysql-private-ip/outputs.tf index 50b3a36..0353728 100644 --- a/examples/mysql-private-ip/outputs.tf +++ b/examples/mysql-private-ip/outputs.tf 
@@ -7,6 +7,11 @@ output "master_instance_name" { value = "${module.mysql.master_instance_name}" } +output "master_ip_addresses" { + description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" + value = "${module.mysql.master_ip_addresses}" +} + output "master_private_ip" { description = "The private IPv4 address of the master instance." value = "${module.mysql.master_private_ip_address}" diff --git a/examples/postgres-private-ip/outputs.tf b/examples/postgres-private-ip/outputs.tf index eb5f424..46703bf 100644 --- a/examples/postgres-private-ip/outputs.tf +++ b/examples/postgres-private-ip/outputs.tf @@ -7,6 +7,11 @@ output "master_instance_name" { value = "${module.postgres.master_instance_name}" } +output "master_ip_addresses" { + description = "All IP addresses of the instance as list of maps, see https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#ip_address-0-ip_address" + value = "${module.postgres.master_ip_addresses}" +} + output "master_private_ip" { description = "The private IPv4 address of the master instance" value = "${module.postgres.master_private_ip_address}" From 9de4b4296c46944e8cf6c26cf4dbd42138280532 Mon Sep 17 00:00:00 2001 From: Petri Autero Date: Thu, 28 Mar 2019 14:05:43 +0200 Subject: [PATCH 3/3] Provider now allows empty private_network --- modules/cloud-sql/main.tf | 46 +++++++++++++++------------------------ 1 file changed, 18 insertions(+), 28 deletions(-) diff --git a/modules/cloud-sql/main.tf b/modules/cloud-sql/main.tf index 8e5e7d7..cd6752f 100644 --- a/modules/cloud-sql/main.tf +++ b/modules/cloud-sql/main.tf 
@@ -20,31 +20,6 @@ locals { actual_binary_log_enabled = "${local.is_postgres ? false : var.mysql_binary_log_enabled}" actual_availability_type = "${local.is_postgres && var.enable_failover_replica ? "REGIONAL" : "ZONAL"}" actual_failover_replica_count = "${local.is_postgres ? 0 : var.enable_failover_replica ? 1 : 0}" - - # Terraform does not allow using lists of maps with coditionals, so we have to - # trick terraform by creating a string conditional first. - # See https://github.com/hashicorp/terraform/issues/12453 - ip_configuration_key = "${var.private_network != "" ? "PRIVATE" : "PUBLIC"}" - - ip_configuration_def = { - "PRIVATE" = [{ - authorized_networks = ["${var.authorized_networks}"] - ipv4_enabled = "${var.enable_public_internet_access}" - private_network = "${var.private_network}" - require_ssl = "${var.require_ssl}" - }] - - "PUBLIC" = [{ - authorized_networks = ["${var.authorized_networks}"] - ipv4_enabled = "${var.enable_public_internet_access}" - require_ssl = "${var.require_ssl}" - }] - } - - # We have to construct the sub-block dynamically. If the user creates a public-ip only instance, - # passing an empty string into 'private_network' causes - # 'private_network" ("") doesn't match regexp "projects/...' - ip_configuration = "${local.ip_configuration_def[local.ip_configuration_key]}" } # ------------------------------------------------------------------------------ @@ -69,7 +44,12 @@ resource "google_sql_database_instance" "master" { authorized_gae_applications = ["${var.authorized_gae_applications}"] disk_autoresize = "${var.disk_autoresize}" - ip_configuration = ["${local.ip_configuration}"] + ip_configuration { + authorized_networks = ["${var.authorized_networks}"] + ipv4_enabled = "${var.enable_public_internet_access}" + private_network = "${var.private_network}" + require_ssl = "${var.require_ssl}" + } location_preference { follow_gae_application = "${var.follow_gae_application}" 
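Review bot: The inline `ip_configuration` block on `google_sql_database_instance.master` now passes `private_network = "${var.private_network}"` unconditionally, while the comment that explained the old failure (an empty string rejected by the `projects/...` regexp) is deleted along with the locals. Nothing left in this file records that the block depends on a provider release that accepts an empty value; only the example `provider "google-beta"` blocks in patch 1/3 pin `~> 2.1.0`, and whether the module declares its own minimum is not visible here. I would add a comment above the block such as `# private_network may be "" for public-IP-only instances; needs a google-beta provider that accepts an empty value`. The same applies to the `failover_replica` and `read_replica` hunks that follow. Because `authorized_networks`, `ipv4_enabled`, `private_network` and `require_ssl` are now repeated in three resources whose bodies extend beyond these hunks, the comment should also say the three blocks must stay identical, so a later edit does not leave a replica with wider network exposure than the master.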
@@ -173,7 +153,12 @@ resource "google_sql_database_instance" "failover_replica" { authorized_gae_applications = ["${var.authorized_gae_applications}"] disk_autoresize = "${var.disk_autoresize}" - ip_configuration = ["${local.ip_configuration}"] + ip_configuration { + authorized_networks = ["${var.authorized_networks}"] + ipv4_enabled = "${var.enable_public_internet_access}" + private_network = "${var.private_network}" + require_ssl = "${var.require_ssl}" + } location_preference { follow_gae_application = "${var.follow_gae_application}" @@ -230,7 +215,12 @@ resource "google_sql_database_instance" "read_replica" { authorized_gae_applications = ["${var.authorized_gae_applications}"] disk_autoresize = "${var.disk_autoresize}" - ip_configuration = ["${local.ip_configuration}"] + ip_configuration { + authorized_networks = ["${var.authorized_networks}"] + ipv4_enabled = "${var.enable_public_internet_access}" + private_network = "${var.private_network}" + require_ssl = "${var.require_ssl}" + } location_preference { follow_gae_application = "${var.follow_gae_application}"