Я пытаюсь с помощью Terraform развернуть кластер Kubernetes и экземпляр SQL в Google Cloud. Я хочу разместить их в одной и той же VPC, чтобы поды могли подключаться к экземпляру SQL по его частному IP-адресу. К сожалению, мои поды не видят экземпляр SQL. Я пробовал выполнить exec в них и вручную пинговать частный IP-адрес экземпляра SQL, но адрес недоступен. Чего мне здесь не хватает? Вот мой terraform.tf:
// Remote state is kept in a GCS bucket under a per-environment prefix.
// NOTE(review): Terraform state stores resource attributes in plain text. For this
// configuration that includes the google_sql_user password and the cluster's master_auth
// values, so the bucket should be private with tightly scoped IAM.
terraform {
  backend "gcs" {
    prefix = "test/simple1"
    bucket = "tf-infrastructure-state"
  }
}
// GCP project id; consumed by both google providers and by the GKE cluster resource.
variable "project-id" {
  type = string
}
// Password assigned to the Cloud SQL user created by google_sql_user.users.
// NOTE(review): this is a secret. It is not marked sensitive here; on Terraform 0.14 or
// newer add `sensitive = true` so the value is redacted from plan/apply output. Supply it
// from a secret store or an untracked tfvars file, never from a committed default.
variable "database-password" {
  type = string
}
// Region used as the provider default, the Cloud SQL region and the GKE cluster location.
variable "region" {
  type = string
}
// Providers. Each one gets a default project and region from the input variables.
// google-beta is the provider that the network, peering and Cloud SQL resources select.
provider "google-beta" {
  region  = var.region # e.g. "europe-west2"
  project = var.project-id
}
// Default (GA) google provider; resources that set no explicit `provider` use this one.
provider "google" {
  region  = var.region
  project = var.project-id
}
// VPC network that both the GKE cluster and the Cloud SQL private IP are attached to.
// Subnet creation mode is not set here, so it is left at the provider default.
resource "google_compute_network" "private_network" {
  name     = "test-private-network"
  provider = google-beta
}
// Internal /16 range reserved in the VPC for peering with Google-managed services.
// The service networking connection hands this range to servicenetworking.googleapis.com.
resource "google_compute_global_address" "private_ip_address" {
  provider = google-beta
  name     = "test-private-ip-address"
  network  = google_compute_network.private_network.self_link

  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16
}
// Private services access: peers the VPC with the service producer network, using the
// reserved range above. The Cloud SQL instance and the cluster both depend on this.
resource "google_service_networking_connection" "private_vpc_connection" {
  provider = google-beta
  service  = "servicenetworking.googleapis.com"
  network  = google_compute_network.private_network.self_link

  reserved_peering_ranges = [google_compute_global_address.private_ip_address.name]
}
// PostgreSQL 11 Cloud SQL instance with a private IP in the shared VPC.
// Creation waits for the service networking connection, which the private IP requires.
resource "google_sql_database_instance" "test-db" {
  provider         = google-beta
  name             = "test-db"
  region           = var.region
  database_version = "POSTGRES_11"

  settings {
    # Second-generation instance tiers are based on the machine
    # type. See https://cloud.google.com/sql/pricing#pg-pricing for all types.
    # NOTE: Only custom machine instance type and shared-core instance type allowed for PostgreSQL database.
    tier = "db-f1-micro"

    ip_configuration {
      # NOTE(review): ipv4_enabled = true gives the instance a public IPv4 address in
      # addition to the private one. If only in-VPC access is intended, set it to false to
      # remove the internet-facing endpoint. TLS is not enforced here either (require_ssl
      # is unset), so confirm that clients connect over TLS.
      ipv4_enabled    = true
      private_network = google_compute_network.private_network.self_link
    }
  }

  depends_on = [google_service_networking_connection.private_vpc_connection]
}
// Database created inside the instance above. Its name, "test-db", is the same string as
// the instance name.
resource "google_sql_database" "nlp-api-database" {
  instance = google_sql_database_instance.test-db.name
  name     = "test-db"
}
// Database login for the application.
// NOTE(review): the password is taken from var.database-password and ends up in the
// Terraform state in plain text, so state access must be restricted accordingly.
resource "google_sql_user" "users" {
  instance = google_sql_database_instance.test-db.name
  name     = "test-user"
  password = var.database-password
}
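// GKE cluster attached to the same VPC as the Cloud SQL instance.
resource "google_container_cluster" "test-k8s-cluster" {
  name               = "test-cluster"
  project            = var.project-id
  location           = var.region
  initial_node_count = 1
  network            = google_compute_network.private_network.self_link

  # Make the cluster VPC-native (alias IPs). Google documents Cloud SQL private IP as
  # reachable from GKE only for VPC-native clusters. Pods in a routes-based cluster use
  # addresses the peered service network has no route back to, which matches the symptom
  # of pods not reaching the private IP. With no ranges given, GKE picks the secondary
  # ranges itself.
  # NOTE(review): the accepted form depends on the google provider version, and newer
  # releases also offer `networking_mode = "VPC_NATIVE"`. Adding this block to an existing
  # cluster forces the cluster to be replaced.
  ip_allocation_policy {}

  # NOTE(review): the kubernetes provider in this file logs in with master_auth
  # username/password and a client certificate. Both are legacy GKE credentials; prefer a
  # short-lived OAuth token and disable basic auth and client-certificate issuance once
  # nothing relies on them.

  depends_on = [google_service_networking_connection.private_vpc_connection]
}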
// Kubernetes provider pointed at the cluster created above, with credentials read
// straight from the cluster's master_auth block.
// NOTE(review): this passes static basic-auth credentials plus a client certificate and
// key. All of them are long-lived and are persisted in the Terraform state. A short-lived
// access token for the caller's Google identity is the safer choice where the provider
// versions in use support it.
provider "kubernetes" {
  host = google_container_cluster.test-k8s-cluster.endpoint

  # Basic-auth pair exposed by the cluster.
  username = google_container_cluster.test-k8s-cluster.master_auth[0].username
  password = google_container_cluster.test-k8s-cluster.master_auth[0].password

  # The certificate material is base64-encoded in master_auth, so it is decoded here.
  client_certificate     = base64decode(google_container_cluster.test-k8s-cluster.master_auth[0].client_certificate)
  client_key             = base64decode(google_container_cluster.test-k8s-cluster.master_auth[0].client_key)
  cluster_ca_certificate = base64decode(google_container_cluster.test-k8s-cluster.master_auth[0].cluster_ca_certificate)

  # Do not fall back to a local kubeconfig; use only the values given above.
  load_config_file = "false"
  // alias = "default"
}
// Exposes the instance's ip_address attribute. Because ipv4_enabled is true on the
// instance, this is expected to include the public address. TODO: confirm the exact
// shape of the value for the provider version in use.
output "db_ip" {
  value = google_sql_database_instance.test-db.ip_address
}
// Private (in-VPC) address of the Cloud SQL instance, i.e. the one that pods should use.
output "db_private_ip" {
  value = google_sql_database_instance.test-db.private_ip_address
}