Migrated service mesh for fleets to Terraform (#258)

* Migrated service mesh for fleets to Terraform * Added Services GKE cluster to new Mesh fleet config
googleforgames · May 2, 2024 · 1a3e51a · 1a3e51a
1 parent ea29f54
commit 1a3e51a
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 17 deletions.
diff --git a/infrastructure/agones-gke.tf b/infrastructure/agones-gke.tf
@@ -90,15 +90,25 @@ resource "google_gke_hub_membership" "membership" {
   depends_on = [google_project_service.project]
 }
 
-resource "google_gke_hub_feature" "mesh" {
-  name     = "servicemesh"
+resource "google_gke_hub_feature" "servicemesh" {
   project  = var.project
+  name     = "servicemesh"
   location = "global"
-  provider = google-beta
 
   depends_on = [google_project_service.project]
 }
 
+resource "google_gke_hub_feature_membership" "mesh-member" {
+  for_each   = merge(var.game_gke_standard_clusters, var.game_gke_autopilot_clusters)
+  project    = var.project
+  location   = "global"
+  feature    = google_gke_hub_feature.servicemesh.name
+  membership = google_gke_hub_membership.membership[each.key].membership_id
+  mesh {
+    management = "MANAGEMENT_AUTOMATIC"
+  }
+}
+
 resource "google_compute_firewall" "agones-gameservers" {
   name    = "agones-gameservers"
   project = var.project

diff --git a/infrastructure/services-gke.tf b/infrastructure/services-gke.tf
@@ -145,3 +145,13 @@ resource "google_gke_hub_membership" "services-gke-membership" {
 
   depends_on = [google_project_service.project]
 }
+
+resource "google_gke_hub_feature_membership" "services-gke-mesh" {
+  project    = var.project
+  location   = "global"
+  feature    = google_gke_hub_feature.servicemesh.name
+  membership = google_gke_hub_membership.services-gke-membership.membership_id
+  mesh {
+    management = "MANAGEMENT_AUTOMATIC"
+  }
+}
diff --git a/platform/cloudbuild.yaml b/platform/cloudbuild.yaml
@@ -15,16 +15,6 @@
 serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cloudbuild-cicd@${PROJECT_ID}.iam.gserviceaccount.com
 steps:
 
-  # Deploys Anthos Service Mesh (ASM) to all clusters using the fleet feature API. Since there is no terraform
-  # support for ASM at cluster creation time, this step is performed with platform component deployments so
-  # newly added clusters are configured properly with ASM.
-  - name: gcr.io/google.com/cloudsdktool/cloud-sdk
-    id: fleet-membership
-    script: |
-      export MEMBERSHIPS=$(gcloud container fleet memberships list --format="value(name)" | xargs | sed 's/ /,/g') && \
-      echo Memberships: $MEMBERSHIPS && \
-      gcloud container fleet mesh update --management automatic --memberships "$MEMBERSHIPS"
-
   - name: gcr.io/google.com/cloudsdktool/cloud-sdk
     id: deploy-agones
     dir: agones
@@ -35,8 +25,6 @@ steps:
       --skaffold-file skaffold.yaml \
       --region us-central1
     automapSubstitutions: true
-    waitFor:
-      - fleet-membership
 
   - name: gcr.io/google.com/cloudsdktool/cloud-sdk
     id: deploy-open-match
@@ -48,8 +36,6 @@ steps:
       --skaffold-file skaffold.yaml \
       --region us-central1
     automapSubstitutions: true
-    waitFor:
-      - fleet-membership
 
 options:
   dynamic_substitutions: true