case-k's Notes

Day-to-day notes. I'm interested in data analysis and infrastructure.

Deploying a Container Registry Image to Compute Engine with Terraform

This is a memo on how to deploy a Container Registry image to GCE with Terraform. The container is declared with the container-vm module:


module "gce-container" {
  source  = "terraform-google-modules/container-vm/google"
  version = "~> 2.0"

  container = {
    image = "gcr.io/${var.project}/<container image>"
    tty   = true
  }
  restart_policy = "Always"
}

The GCE instance is defined as follows.

resource "google_compute_instance" "<Resource>" {
  name         = "<instance-name>"
  machine_type = "n2-custom-4-10240"
  zone         = "asia-northeast1-a"

  boot_disk {
    initialize_params {
      image = module.gce-container.source_image
      size  = 500
    }
  }
  allow_stopping_for_update = true

  network_interface {
    network    = google_compute_network.vpc.id
    subnetwork = google_compute_subnetwork.subnet.id
    # An empty access_config block assigns an ephemeral external IP.
    access_config {}
  }

  tags = ["<instance-tag-name>"]

  # Configure Docker's credential helper so the VM can authenticate to GCR.
  metadata_startup_script = <<-EOF
    #!/bin/bash
    /usr/bin/docker-credential-gcr configure-docker
  EOF

  metadata = {
    gce-container-declaration = module.gce-container.metadata_value
    google-logging-enabled    = "true"
    google-monitoring-enabled = "true"
  }

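  service_account {
    email = google_service_account.<email>
    # cloud-platform is the broadest scope; effective access is then
    # limited by the IAM roles granted to this service account.
    scopes = [
      "https://www.googleapis.com/auth/cloud-platform",
    ]
  }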
}

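The container image is pulled from GCR when the instance starts. The startup script runs docker-credential-gcr configure-docker so that Docker can authenticate to the registry.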

metadata_startup_script = <<-EOF
  #!/bin/bash
  /usr/bin/docker-credential-gcr configure-docker
EOF

Because I want to collect metrics, the Cloud Monitoring and Logging containers are deployed as well.

  metadata = {
    gce-container-declaration = module.gce-container.metadata_value
    google-logging-enabled    = "true"
    google-monitoring-enabled = "true"
  }
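
The instance references a service account that this post does not define. The following is an added example, not part of the original post, of one way to define it with only the roles this setup uses. It assumes images live in classic Container Registry under gcr.io/<project>; the resource name `gce_container` and the account_id are hypothetical.

```hcl
# Added example. "gce_container" and "gce-container-runner" are assumed names.
resource "google_service_account" "gce_container" {
  project      = var.project
  account_id   = "gce-container-runner"
  display_name = "GCE container VM"
}

# Pull-only access to images under gcr.io/<project>. Classic Container Registry
# stores image layers in this bucket; it exists once the first image is pushed.
# If gcr.io is served by Artifact Registry in your project, grant
# roles/artifactregistry.reader instead.
resource "google_storage_bucket_iam_member" "gcr_pull" {
  bucket = "artifacts.${var.project}.appspot.com"
  role   = "roles/storage.objectViewer"
  member = "serviceAccount:${google_service_account.gce_container.email}"
}

# Required by the agent enabled through google-logging-enabled.
resource "google_project_iam_member" "log_writer" {
  project = var.project
  role    = "roles/logging.logWriter"
  member  = "serviceAccount:${google_service_account.gce_container.email}"
}

# Required by the agent enabled through google-monitoring-enabled.
resource "google_project_iam_member" "metric_writer" {
  project = var.project
  role    = "roles/monitoring.metricWriter"
  member  = "serviceAccount:${google_service_account.gce_container.email}"
}
```

In the instance's service_account block, email would then be google_service_account.gce_container.email. With the cloud-platform scope kept as in the post, these role grants are what bound the VM's access.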