variables.tf
// Required arguments:
// Name of the application being deployed. No default, so every caller must set it.
// NOTE(review): the character-set rule in the description is documented only;
// this declaration does not enforce it. If the module's minimum Terraform
// version supports variable validation, rejecting other characters at plan
// time would keep unexpected input out of anything derived from this name.
variable "app_name" {
  type        = string
  description = "A name for the application. Use alphanumerics and hyphens only."
}
// Left-hand part of the service hostname. Per the description, the 'domain'
// variable is appended to it to form the full hostname. No default.
variable "subdomain" {
  type        = string
  description = <<EOT
Subdomain where the application should run. The 'domain' variable is suffixed
onto this to form the hostname.
EOT
}
// Image reference for the main application container. No default.
// NOTE(review): the example in the description uses the mutable 'latest' tag.
// A tag can be re-pointed in the registry after review, so the image that
// actually runs may differ from the one that was tested. Callers who need
// reproducible, auditable deployments should pass an immutable reference
// (a fixed version tag, or a repo@sha256:<digest> form), assuming the module
// hands this string to the workload unchanged. Confirm against the resource
// definitions.
variable "container_image" {
  type        = string
  description = <<EOT
A reference to a container image that should be run as the main application.
This image should accept HTTP traffic at the internal port. An example valid value would
be 'docker.io/library/httpd:latest'.
EOT
}
// Port the containerised application listens on. Defaults to 80.
// The declaration checks only that the value is a number, not that it falls
// within the valid port range.
variable "internal_port" {
  type        = number
  default     = 80
  description = <<EOT
The port on which the application in the container is expected to listen.
EOT
}
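// HTTP path used for the health probe. No default, so callers must set it.
// Per the description, this is a path only (for example "/health"), and the
// probe is sent to the internal port.
// NOTE(review): a liveness endpoint is normally reachable without credentials,
// so it should report health only and expose no configuration or internal state.
variable "healthcheck_path" {
  type        = string
  description = <<EOT
HTTP path to query to make sure that the application is healthy. This should be
specified as a path, like "/health", not as a full URL.
Kubernetes will issue an HTTP GET to this address at the internal port every 10 seconds.
See the Kubernetes documentation on liveness probes for more information:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
EOT
}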
// Extra HTTP headers for healthcheck requests, as a list of name/value pairs.
// Defaults to an empty list.
// NOTE(review): values are plain strings with no 'sensitive' marking, so they
// are shown in plan output and presumably end up readable in the workload
// spec. Confirm in the resource definitions. Do not use a header here to carry
// a credential or token.
variable "healthcheck_headers" {
  description = <<EOT
HTTP headers to be set on healthcheck requests.
See https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#http-probes
for documentation, including the default headers.
EOT
  type = list(object({
    name  = string
    value = string
  }))
  default = []
}
// Environment variables for the application container, as a list of
// name/value pairs. Defaults to an empty list.
// NOTE(review): nothing here is marked sensitive, so every value passed is
// printed in plan output. Values are presumably also written to Terraform
// state and to the workload spec in clear text. Confirm in the resource
// definitions. Keep passwords, API keys and tokens out of this list and supply
// them through a dedicated secret mechanism instead.
variable "env_vars" {
  description = "Environment variables to provide to the application container"
  type = list(object({
    name  = string
    value = string
  }))
  default = []
}
// Tag set for created resources. No default, and all six keys are required by
// the object type. Key names are case-sensitive and must match exactly as
// written below.
// Ownership and criticality tags are what responders use to route an alert or
// an incident to the right team, so keep OwnerEmail pointing at a monitored
// address.
variable "standard_tags" {
  type = object({
    Service     = string
    Criticality = string
    OwnerEmail  = string
    createdBy   = string
    repo        = string
    lifetime    = string
  })
  description = <<EOT
Standard tags for all SCIMMA resources.
EOT
}
// Required resources:
// IAM policy document, passed as a JSON string. No default.
// Per the description, it is attached to a generated role that the Kubernetes
// service running the application assumes, so every statement in it becomes a
// permission of the running container.
// NOTE(review): the value is an opaque string; this declaration places no
// constraint on the actions or resources it grants. Callers should scope the
// policy to the specific actions and resource ARNs the application needs and
// avoid wildcard actions or resources. Anything broader is usable by whoever
// gains code execution in the container.
variable "iam_policy_json" {
  type        = string
  description = <<EOT
JSON of an IAM policy to attach to a generated IAM role which will be assumed
by the Kubernetes service that runs the application.
EOT
}
// Optional resources:
// Name of the target EKS cluster.
// NOTE(review): the default is a fixed cluster name that looks like a
// development cluster. Confirm. Callers deploying elsewhere must override it
// explicitly; an omitted value silently selects this default.
variable "eks_cluster_name" {
  type        = string
  default     = "hopDevelEksCluster"
  description = "Name of the EKS cluster to run on."
}
// ID of the external Route53 zone.
// NOTE(review): the default is a literal zone ID embedded in the module. If the
// zone is ever recreated, this value goes stale and records would target a
// zone that is no longer the intended one. Confirm that it still matches the
// network module's output. The description calls that output 'hopZoneId' in
// prose but 'hopExternalDnsZoneId' in the example. Confirm which name is
// current.
// The remote-state lookup shown in the description needs read access to the
// whole state object in the bucket, not only its outputs, so grant that bucket
// permission narrowly.
variable "route53_zone_id" {
  type        = string
  default     = "Z05882683EEMG8KHBM55X"
  description = <<EOT
The ID of an external Route53 DNS zone. For most SCIMMA users, this should be
the hopZoneId from network module, which is the default. If you want to be a bit
more robust, you can load it like this:
data "terraform_remote_state" "network" {
backend = "s3"
config = {
bucket = var.stateBucketPrefix
key = "network"
region = var.awsRegion
}
}
locals {
zone_id = data.terraform_remote_state.network.outputs.hopExternalDnsZoneId
}
EOT
}
// Optional arguments:
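// Parent domain for the service hostname. Per the description, 'subdomain' is
// prefixed onto it to form the hostname.
// The type is declared explicitly so that a non-string value is rejected or
// converted at the module boundary, in line with the other variables here.
// NOTE(review): the default is a development domain. Callers targeting another
// environment must override it, and the DNS zone ID they pass should be the
// zone that actually hosts this domain.
variable "domain" {
  type        = string
  default     = "dev.hop.scimma.org"
  description = <<EOT
Domain name where the application should run. The 'subdomain' variable is
prefixed onto this to form the hostname.
EOT
}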
// Extra Subject Alternative Names for the service certificate. Each map key is
// a name and each value is the ID of the Route53 zone that name lives in.
// Defaults to an empty map, meaning no extra names.
// NOTE(review): every key listed becomes a name the certificate is valid for,
// so list only hostnames this service is meant to answer for, and make sure
// each zone ID is the zone that hosts that name. Presumably the zone is where
// validation records are created. Confirm in the resource definitions.
variable "cert_alternative_names" {
  type        = map(string)
  default     = {}
  description = <<EOT
A mapping of Subject Alternative Names which should be included on the service's certificate to
the IDs of route53 DNS zones in which those names reside.
EOT
}
// Per-instance ceiling on CPU and memory, given as strings.
// Defaults: cpu "0.5", memory "512Mi".
// Keeping a limit in place bounds how much of a node a misbehaving or
// compromised instance can consume. Raise it deliberately rather than
// removing it.
variable "resource_limits" {
  type = object({
    cpu    = string
    memory = string
  })
  default = {
    cpu    = "0.5"
    memory = "512Mi"
  }
  description = "Limits on how much CPU and memory should be accessible per instance of the service."
}
// Per-instance CPU and memory request, given as strings.
// Defaults: cpu "0.25", memory "50Mi".
// Nothing in this declaration checks that a request stays at or below the
// matching value in 'resource_limits'. Callers overriding one should review
// the other.
variable "resource_requests" {
  type = object({
    cpu    = string
    memory = string
  })
  default = {
    cpu    = "0.25"
    memory = "50Mi"
  }
  description = "Requested CPU and memory per instance of the service."
}
// ID of an internal Route53 zone. Defaults to the empty string, which per the
// description means no record is created in an internal zone.
// The remote-state lookup shown in the description needs read access to the
// whole state object in the bucket, not only its outputs, so grant that bucket
// permission narrowly.
variable "route53_internal_zone_id" {
  type        = string
  default     = ""
  description = <<EOT
The ID of an internal Route53 DNS zone.
This is optional, and if left empty, no DNS record will be created in an internal zone.
Creating a record in an internal zone is needed only if other services must be
able to resolve this service using its external name.
If needed, this should usually be the hopInternalDnsZoneId from network module.
If you want to be a bit more robust, you can load it like this:
data "terraform_remote_state" "network" {
backend = "s3"
config = {
bucket = var.stateBucketPrefix
key = "network"
region = var.awsRegion
}
}
locals {
internal_zone_id = data.terraform_remote_state.network.outputs.hopInternalDnsZoneId
}
EOT
}