bocan / mastodon-google-cloud Goto Github PK

This rough bit of code will spin up a network and a Google Kubernetes Engine in Google Cloud to let you run Mastodon. It includes a bucket for media, some backup stuff, and a Google SQL (Postgres) database

Home Page: https://mastodon.cloudcauldron.io

License: MIT License

HCL 100.00%

iac mastodon terraform

mastodon-google-cloud's Introduction

< Hello World, I'm Chris Funderburg />

I'm a freelance consultant Cloud Architect / Devops Engineer and run my own company: Cloud Cauldron Limited.
I've just started a contract with MAK SYSTEM as a consultant Senior Platform Engineer. I'm responsible for architecting, building, and supporting a system allowing their applications to be delivered as containers to Kubernetes inside AWS in a safe and compliant manner.
In my youth, I worked at Burger King, washed oil rigs so they could be sold, loaded nuclear and non-nuclear munitions onto F-111 and F-16 aircraft in the US Air Force, worked as a mechanic and then a roofer. Now, I have more than 25 years experience in the IT industry. I've been a developer, a DBA, a system administrator, a release engineer, an infrastructure manager, a NOC engineer, and both a cloud engineer and devops engineer, and as my industry's evolved, a platform engineer.
I'm an expert in public clouds like AWS, Google Cloud, and Azure, infrastructure as code, container building and orchestration, database administration, observability, and software delivery pipelines using Continuous Integration and Continuous Deployment.
Outside of tech, amonst other things, I'm a tree hugging hippy, a keen photographer, an environmentalist (with an Open University Bachelor of Science in "Environmental Management and Technology"), an allotment gardener, a charity trustee, and an occasional Nintendo Switch, Playstation 5, and PC gamer.
📩 Feel free to reach me at [email protected].

📣 Advice Bot!

🛠 My Toolkit

🏆 Github Stats

🤝 Let's stay connected!

LinkedIn Mastodon

"Know, O Prince,

that between the years when the oceans drank Microsoft DOS and the gleaming Windows, and the rise of "The Cloud", there was an Age undreamed of, when shining servers lay spread across the world like blue mantles beneath the stars - Debian, FreeBSD, Slackware, AIX, Solaris with its dark-haired sales women and server towers of spider-haunted mystery, SuSE with its chivalry, Caldera that bordered the pastoral lands of SCO, OpenBSD with its shadow-guarded passwords, RedHat whose Sys Admins wore steel and silk and gold. But the proudest kingdom of the world was Mac OS, reigning supreme in the dreaming west. Hither came Chris the Texan, little-haired, sullen-eyed, MacBook in hand, a builder, a programmer, a sys-admin, a devops engineer, with gigantic melancholies and gigantic mirth, to tread the jewelled server rooms of the earth under his sandled feet."

mastodon-google-cloud's People

Contributors

Stargazers

Watchers

mastodon-google-cloud's Issues

Terraform "Invalid for_each argument" Error

Issue

When running terraform plan or terraform apply this error returns:

Plan: 27 to add, 0 to change, 0 to destroy.
╷
│ Error: Invalid for_each argument
│
│   on .terraform/modules/custom_role/modules/custom_role_iam/main.tf line 85, in resource "google_project_iam_member" "custom_role_member":
│   85:   for_each = var.target_level == "project" ? toset(var.members) : []
│     ├────────────────
│     │ var.members is list of string with 1 element
│     │ var.target_level is "project"
│
│ The "for_each" set includes values derived from resource attributes that cannot be determined
│ until apply, and so Terraform cannot determine the full set of keys that will identify the
│ instances of this resource.
│
│ When working with unknown values in for_each, it's better to use a map value where the keys are
│ defined statically in your configuration and where only the values contain apply-time results.
│
│ Alternatively, you could use the -target planning option to first apply only the resources that
│ the for_each value depends on, and then apply a second time to fully converge.

There are mentions online to append -target=resource to get around this but not sure what this means in the context of this project's Terraform deployment into GCP. I will continue to look but if you've ran into this error that'd help.

Steps to Reproduce

Clone the project
Changed variables
Run terraform init
Run terraform fmt then terraform validate
Run terraform apply

Terraform "SERVICE_NETWORKING_NOT_ENABLED" Error

Issue

When running terraform apply on a new GCP project, this error returned:

╷
│ Error: Error, failed to create instance mastodon-db: googleapi: Error 400: Invalid request: Incorrect Service Networking config for instance: [projectID]:mastodon-db:SERVICE_NETWORKING_NOT_ENABLED., invalid
│
│   with google_sql_database_instance.mastodon_db,
│   on sql.tf line 1, in resource "google_sql_database_instance" "mastodon_db":
│    1: resource "google_sql_database_instance" "mastodon_db" {
│
╵
╷
│ Error: googleapi: Error 404: Not found: project "[projectID]" does not have a subnetwork named "mastodon-gke-subnet-02" in region [region]., notFound
│
│   with module.gke.google_container_cluster.primary,
│   on .terraform/modules/gke/modules/beta-private-cluster/cluster.tf line 22, in resource "google_container_cluster" "primary":
│   22: resource "google_container_cluster" "primary" {

Solution

On a new GCP project, you will need to enable the Service Networking API before running terraform apply. Run this command if you come across this issue to fix:

gcloud services enable servicenetworking.googleapis.com --project=[PSM_PROJECT_NUMBER]

Future Improvement

Have the Terraform file enable the Service Networking API for new project set up

Terraform "have at least 1 private services connection" Error

Issue

When running terraform apply in a new GCP project, this error returns:

│ Error: Error, failed to create instance because the network doesn't have at least 1 private services connection. Please see https://cloud.google.com/sql/docs/mysql/private-ip#network_requirements for how to create this connection.
│
│   with google_sql_database_instance.mastodon_db,
│   on sql.tf line 1, in resource "google_sql_database_instance" "mastodon_db":
│    1: resource "google_sql_database_instance" "mastodon_db" {

Solution

If you come across this issue:

Navigate to VPC Network -> mastodon-vpc
Scroll over until you see the Private Service Connection tab
Click Allocate IP Range, and fill out Name and a custom or automatic IP range to Allocate
Move over to the "Private Connections to Services" tab and click Create Connection
Select "GCP" as the Connected Service Producer and select your allocated IP range created earlier
Run terraform apply again

Future Improvement

We can check if the IAC could handle this set up of a Private Service Connection

bocan / mastodon-google-cloud Goto Github PK

mastodon-google-cloud's Introduction

< Hello World, I'm Chris Funderburg />

📣 Advice Bot!

🛠 My Toolkit

🏆 Github Stats

🤝 Let's stay connected!

"Know, O Prince,

mastodon-google-cloud's People

Contributors

Stargazers

Watchers

mastodon-google-cloud's Issues

Issue

Steps to Reproduce

Issue

Solution

Future Improvement

Issue

Solution

Future Improvement

Recommend Projects

Recommend Topics

Recommend Org