Skip to content

Commit

Permalink
Merge pull request #1 from robcharlwood/BAU-fix-race-condition
Browse files Browse the repository at this point in the history
Bau fix race condition
  • Loading branch information
robcharlwood authored Jul 15, 2020

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
2 parents 8e75eec + 8bae96c commit ab8eda7
Showing 13 changed files with 54 additions and 21 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -16,6 +16,13 @@ Types of changes are:

## Unreleased

## 1.0.2 - 2020-07-15

## Changed

* Updated the terraform to use ``depends_on`` to fix the race condition issue with Google API and services.
* Updated the README and CHANGELOG to reflect these changes.

## 1.0.1 - 2020-07-15

## Changed
12 changes: 0 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
@@ -47,18 +47,6 @@ terraform plan
terraform apply
```

## A word of caution
The apply might fail on the first run due to a race condition. This terraform enables all the required Google APIs and services for you automatically as part of the build. However, sometimes terraform won't pick up the fact that an API has been enabled in time. In these cases you might see a collection of errors similar to the error below:

```bash
Error: Error creating ManagedZone: googleapi: Error 403: Cloud DNS API has not been used in project 975128182755 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/dns.googleapis.com/overview?project=975128182755 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry., accessNotConfigured

on dns/main.tf line 1, in resource "google_dns_managed_zone" "public-zone":
1: resource "google_dns_managed_zone" "public-zone" {
```
When this happens, simply leave it a minute or two and then re-apply your terraform. The second run should apply cleanly.
## For those interested
For people with a curious nature, the main meat of the infrastructure that makes multi region load balancing possible lies [here](https://github.com/robcharlwood/multi-region-cloud-run-terraform/blob/master/compute/main.tf#L45-L154).

4 changes: 4 additions & 0 deletions compute/main.tf
Original file line number Diff line number Diff line change
@@ -22,6 +22,8 @@ resource "google_cloud_run_service" "multi-region-cloud-run" {
percent = 100
latest_revision = true
}

depends_on = [var.services]
}

data "google_iam_policy" "cloud-run-no-auth" {
@@ -39,6 +41,7 @@ resource "google_cloud_run_service_iam_policy" "cloud-run-no-auth-policy" {
project = element(google_cloud_run_service.multi-region-cloud-run.*.project, count.index)
service = element(google_cloud_run_service.multi-region-cloud-run.*.name, count.index)
policy_data = data.google_iam_policy.cloud-run-no-auth.policy_data
depends_on = [var.services]
}


@@ -149,6 +152,7 @@ resource "null_resource" "load-balancer-and-serverless-negs" {
}

depends_on = [
var.services,
google_cloud_run_service.multi-region-cloud-run.0,
google_cloud_run_service.multi-region-cloud-run.1,
google_cloud_run_service.multi-region-cloud-run.2,
4 changes: 4 additions & 0 deletions compute/variables.tf
Original file line number Diff line number Diff line change
@@ -38,3 +38,7 @@ variable "ssl_cert_name" {
description = "Name of the managed SSL certificate resource"
type = string
}

variable "services" {
description = "Google APIs and Services"
}
6 changes: 5 additions & 1 deletion dns/main.tf
Original file line number Diff line number Diff line change
@@ -2,6 +2,7 @@ resource "google_dns_managed_zone" "public-zone" {
name = replace(var.domain, ".", "-")
dns_name = "${var.domain}."
description = "Domain for public site"
depends_on = [var.services]
}

resource "google_dns_record_set" "ns" {
@@ -10,7 +11,8 @@ resource "google_dns_record_set" "ns" {
type = "NS"
ttl = 60

rrdatas = google_dns_managed_zone.public-zone.name_servers
rrdatas = google_dns_managed_zone.public-zone.name_servers
depends_on = [var.services]
}

resource "google_dns_record_set" "a" {
@@ -22,6 +24,7 @@ resource "google_dns_record_set" "a" {
rrdatas = [
var.static_ip,
]
depends_on = [var.services]
}

resource "google_dns_record_set" "a_www" {
@@ -33,4 +36,5 @@ resource "google_dns_record_set" "a_www" {
rrdatas = [
var.static_ip,
]
depends_on = [var.services]
}
4 changes: 4 additions & 0 deletions dns/variables.tf
Original file line number Diff line number Diff line change
@@ -5,3 +5,7 @@ variable "static_ip" {
variable "domain" {
description = "Domain name without prefixes e.g. example.com"
}

variable "services" {
description = "Google APIs and Services"
}
13 changes: 9 additions & 4 deletions main.tf
Original file line number Diff line number Diff line change
@@ -29,22 +29,26 @@ provider "random" {
}

module "network" {
source = "./network"
source = "./network"
services = google_project_service.service
}

module "ssl" {
source = "./ssl"
domain = var.domain
source = "./ssl"
domain = var.domain
services = google_project_service.service
}

module "dns" {
source = "./dns"
static_ip = module.network.static_ip
domain = var.domain
services = google_project_service.service
}

module "service-accounts" {
source = "./service-accounts"
source = "./service-accounts"
services = google_project_service.service
}

module "compute" {
@@ -53,6 +57,7 @@ module "compute" {
image_version = var.image_version
registry = var.registry
project = var.project
services = google_project_service.service
service_account_email = module.service-accounts.cloud_run_email
static_ip_name = module.network.name
ssl_cert_name = module.ssl.name
3 changes: 2 additions & 1 deletion network/main.tf
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
resource "google_compute_global_address" "global-static-ip" {
name = "global-static-ip"
name = "global-static-ip"
depends_on = [var.services]
}
3 changes: 3 additions & 0 deletions network/variables.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
variable "services" {
description = "Google APIs and Services"
}
9 changes: 6 additions & 3 deletions service-accounts/main.tf
Original file line number Diff line number Diff line change
@@ -2,14 +2,17 @@ resource "google_service_account" "cloud-run" {
account_id = "cloud-run"
display_name = "Cloud Run service account"
description = "Cloud Run service account"
depends_on = [var.services]
}

resource "google_service_account_key" "cloud-run-key" {
service_account_id = google_service_account.cloud-run.name
depends_on = [var.services]
}

resource "google_project_iam_member" "cloud-run-service-account" {
count = length(var.cloud_run_service_account_iam_roles)
role = element(var.cloud_run_service_account_iam_roles, count.index)
member = "serviceAccount:${google_service_account.cloud-run.email}"
count = length(var.cloud_run_service_account_iam_roles)
role = element(var.cloud_run_service_account_iam_roles, count.index)
member = "serviceAccount:${google_service_account.cloud-run.email}"
depends_on = [var.services]
}
4 changes: 4 additions & 0 deletions service-accounts/variables.tf
Original file line number Diff line number Diff line change
@@ -3,3 +3,7 @@ variable "cloud_run_service_account_iam_roles" {
default = ["roles/run.serviceAgent"]
description = "List of IAM roles to assign to the Cloud Run service account."
}

variable "services" {
description = "Google APIs and Services"
}
2 changes: 2 additions & 0 deletions ssl/main.tf
Original file line number Diff line number Diff line change
@@ -9,6 +9,7 @@ resource "random_id" "certificate" {
keepers = {
domains = join(",", local.managed_domains)
}
depends_on = [var.services]
}

resource "google_compute_managed_ssl_certificate" "cert" {
@@ -22,4 +23,5 @@ resource "google_compute_managed_ssl_certificate" "cert" {
managed {
domains = local.managed_domains
}
depends_on = [var.services]
}
4 changes: 4 additions & 0 deletions ssl/variables.tf
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
variable "domain" {
description = "Domain name without prefixes e.g. example.com"
}

variable "services" {
description = "Google APIs and Services"
}

0 comments on commit ab8eda7

Please sign in to comment.