gcp: Switch placeholder integration test from Internal to Public LB

2023-03-16 07:03:40 +02:00 · 2023-03-16 07:03:40 +02:00 · dc5fa01b02
parent 8f2236e3ea
commit dc5fa01b02
3 changed files with 43 additions and 22 deletions
--- a/tests/integration/update_cluster/minimal_gce_plb/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/minimal_gce_plb/data/aws_s3_object_cluster-completed.spec_content
@ -8,7 +8,7 @@ spec:
    loadBalancer:
      subnets:
      - name: us-test-1
-      type: Internal
+      type: Public
      useForInternalApi: true
  authorization:
    rbac: {}
--- a/tests/integration/update_cluster/minimal_gce_plb/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/minimal_gce_plb/in-v1alpha2.yaml
@ -6,7 +6,7 @@ metadata:
 spec:
  api:
    loadBalancer:
-      type: Internal
+      type: Public
      useForInternalApi: true
      subnets:
        - name: us-test-1
--- a/tests/integration/update_cluster/minimal_gce_plb/kubernetes.tf
+++ b/tests/integration/update_cluster/minimal_gce_plb/kubernetes.tf
@ -178,14 +178,8 @@ resource "aws_s3_object" "nodeupconfig-nodes" {
  server_side_encryption = "AES256"
 }

-resource "google_compute_backend_service" "api-minimal-gce-plb-example-com" {
-  backend {
-    group = google_compute_instance_group_manager.a-master-us-test1-a-minimal-gce-plb-example-com.instance_group
-  }
-  health_checks         = [google_compute_health_check.api-minimal-gce-plb-example-com.id]
-  load_balancing_scheme = "INTERNAL_SELF_MANAGED"
-  name                  = "api-minimal-gce-plb-example-com"
-  protocol              = "TCP"
+resource "google_compute_address" "api-minimal-gce-plb-example-com" {
+  name = "api-minimal-gce-plb-example-com"
 }

 resource "google_compute_disk" "a-etcd-events-minimal-gce-plb-example-com" {
@ -212,6 +206,30 @@ resource "google_compute_disk" "a-etcd-main-minimal-gce-plb-example-com" {
  zone = "us-test1-a"
 }

+resource "google_compute_firewall" "https-api-ipv6-minimal-gce-plb-example-com" {
+  allow {
+    ports    = ["443"]
+    protocol = "tcp"
+  }
+  disabled      = false
+  name          = "https-api-ipv6-minimal-gce-plb-example-com"
+  network       = google_compute_network.minimal-gce-plb-example-com.name
+  source_ranges = ["::/0"]
+  target_tags   = ["minimal-gce-plb-example-com-k8s-io-role-control-plane"]
+}
+
+resource "google_compute_firewall" "https-api-minimal-gce-plb-example-com" {
+  allow {
+    ports    = ["443"]
+    protocol = "tcp"
+  }
+  disabled      = false
+  name          = "https-api-minimal-gce-plb-example-com"
+  network       = google_compute_network.minimal-gce-plb-example-com.name
+  source_ranges = ["0.0.0.0/0"]
+  target_tags   = ["minimal-gce-plb-example-com-k8s-io-role-control-plane"]
+}
+
 resource "google_compute_firewall" "master-to-master-minimal-gce-plb-example-com" {
  allow {
    protocol = "tcp"
@ -390,26 +408,23 @@ resource "google_compute_firewall" "ssh-external-to-node-minimal-gce-plb-example
  target_tags   = ["minimal-gce-plb-example-com-k8s-io-role-node"]
 }

-resource "google_compute_forwarding_rule" "us-test-1-minimal-gce-plb-example-com" {
-  backend_service       = google_compute_backend_service.api-minimal-gce-plb-example-com.id
-  ip_protocol           = "TCP"
-  load_balancing_scheme = "INTERNAL"
-  name                  = "us-test-1-minimal-gce-plb-example-com"
-  network               = google_compute_network.minimal-gce-plb-example-com.name
-  ports                 = ["443"]
-  subnetwork            = "us-test-1"
+resource "google_compute_forwarding_rule" "api-minimal-gce-plb-example-com" {
+  ip_address  = google_compute_address.api-minimal-gce-plb-example-com.address
+  ip_protocol = "TCP"
+  name        = "api-minimal-gce-plb-example-com"
+  port_range  = "443-443"
+  target      = google_compute_target_pool.api-minimal-gce-plb-example-com.self_link
 }

-resource "google_compute_health_check" "api-minimal-gce-plb-example-com" {
+resource "google_compute_http_health_check" "api-minimal-gce-plb-example-com" {
  name = "api-minimal-gce-plb-example-com"
-  tcp_health_check {
-    port = 443
-  }
+  port = 3990
 }

 resource "google_compute_instance_group_manager" "a-master-us-test1-a-minimal-gce-plb-example-com" {
  base_instance_name = "master-us-test1-a"
  name               = "a-master-us-test1-a-minimal-gce-plb-example-com"
+  target_pools       = [google_compute_target_pool.api-minimal-gce-plb-example-com.self_link]
  target_size        = 1
  version {
    instance_template = google_compute_instance_template.master-us-test1-a-minimal-gce-plb-example-com.self_link
@ -548,6 +563,12 @@ resource "google_compute_subnetwork" "us-test1-minimal-gce-plb-example-com" {
  region        = "us-test1"
 }

+resource "google_compute_target_pool" "api-minimal-gce-plb-example-com" {
+  description      = ""
+  name             = "api-minimal-gce-plb-example-com"
+  session_affinity = ""
+}
+
 resource "google_project_iam_binding" "serviceaccount-control-plane" {
  members = ["serviceAccount:control-plane-minimal-g-1ohncl@testproject.iam.gserviceaccount.com"]
  project = "testproject"