Beispiele für Konvertierungen mit DM Convert

Die folgenden Beispiele zeigen vollständige End-to-End-Konvertierungen vorhandener Bereitstellungen mithilfe von DM Convert.

Kubernetes-Ressourcenmodell (KRM) und Config Connector

Die folgende Cloud Build-Definition ist ein vollständiges End-to-End-Beispiel, das die Konvertierung eines vorhandenen Deployments zu KRM, die Gewinnung von Ressourcen über Config Connector und den Abbruch der Deployment Manager-Bereitstellung zeigt.

Führen Sie zuerst den folgenden Befehl aus:

gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer

gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor

Speichern Sie die Cloud Build-Definition in cloudbuild.yaml:

steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      # Fetch the latest manifest for the given deployment
      MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
        --project $PROJECT_ID --format="value(deployment.manifest)" |\
        grep -oEi "manifest-[0-9]+")
      # Fetch the expanded config for the given manifest and save
      # it to /workdir/${_DEPLOYMENT_NAME}.yaml
      gcloud deployment-manager manifests describe $$MANIFEST_NAME \
        --deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
        --format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml

- id: '[CONVERT_DM_CONFIG]'
  name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
  args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
         '--project_id', '$PROJECT_ID',
          '--project_number', '$PROJECT_NUMBER',
          '--output_format', 'KRM',
          '--output_file', '${_DEPLOYMENT_NAME}-krm.yaml',
          '--deployment_name', '${_DEPLOYMENT_NAME}']

# Apply ${_DEPLOYMENT_NAME}-krm.yaml using Config Connector
# Alternatively, you can fetch the converted KRM files from
# ${_CONFIG_STORAGE_BUCKET} and run `kubectl apply -f` on it.
- id: '[APPLY_USING_CONFIG_CONNECTOR]'
  name: 'gcr.io/cloud-builders/kubectl'
  args:
  - '--namespace'
  - '${_KUBECTL_NAMESPACE}'
  - 'apply'
  - '-f'
  - '${_DEPLOYMENT_NAME}-krm.yaml'
  env:
  - 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
  - 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
  - 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'

- id: '[WAIT_FOR_RESOURCES]'
  name: 'gcr.io/cloud-builders/kubectl'
  args:
  - '--namespace'
  - '${_KUBECTL_NAMESPACE}'
  - 'wait'
  - '--for=condition=Ready'
  - '--timeout=5m'
  - '-f'
  - '${_DEPLOYMENT_NAME}-krm.yaml'
  env:
  - 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
  - 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
  - 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'

# Lastly, let's abandon the DM deployment to allow Config Connector to
# manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: 'sh'
  args:
  - '-c'
  - gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} --delete-policy=ABANDON -q

# Store the fetched DM manifest and converted KRM configuration
artifacts:
  objects:
    location: '${_BUCKET_URI}'
    paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}-krm.yaml']

substitutions:
  # Deployment Manager deployment name
  _DEPLOYMENT_NAME: ''
  # Region of the cluster, if the cluster is regional
  _CLUSTER_REGION: ''
  # Zone of the cluster, if the cluster is zonal
  _CLUSTER_ZONE: ''
  _CLUSTER_NAME: ''
  _KUBECTL_NAMESPACE: ''

Führen Sie einen der folgenden Befehle aus, um dieses Beispiel aufzurufen:

# If the GKE cluster is regional:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_REGION=us-west1,_CLUSTER_NAME=kcc-cluster

# If the GKE cluster is zonal:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_ZONE=us-west1-b,_CLUSTER_NAME=kcc-cluster

Terraform

Die folgende Cloud Build-Definition ist ein vollständiges End-to-End-Beispiel der Konvertierung einer vorhandenen Bereitstellung in Terraform, des Abbruchs der Deployment Manager-Bereitstellung und der Bereitstellung von Ressourcen über Terraform.

Führen Sie zuerst den folgenden Befehl aus:

gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer

gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor

Speichern Sie die folgende Cloud Build-Definition in cloudbuild.yaml:

steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      # Fetch the latest manifest for the given deployment
      MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
        --project $PROJECT_ID --format="value(deployment.manifest)" |\
        grep -oEi "manifest-[0-9]+")
      # Fetch the expanded config for the given manifest and save
      # it to /workdir/${_DEPLOYMENT_NAME}.yaml
      gcloud deployment-manager manifests describe $$MANIFEST_NAME \
        --deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
        --format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml

- id: '[CONVERT_DM_CONFIG]'
  name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
  args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
         '--project_id', '$PROJECT_ID',
          '--project_number', '$PROJECT_NUMBER',
          '--output_format', 'TF',
          '--output_file', '${_DEPLOYMENT_NAME}.tf',
          '--deployment_name', '${_DEPLOYMENT_NAME}']

# Delete the DM deployment to allow Terraform to manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
  name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} -q

# Apply ${_DEPLOYMENT_NAME}.yaml using Terraform
- id: '[APPLY_USING_TERRAFORM]'
  name: 'hashicorp/terraform'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      echo "*************** TERRAFORM INIT ******************"
      terraform init
      echo "*************** TERRAFORM APPLY ******************"
      terraform apply --auto-approve

# Store the fetched DM manifest and converted TF configuration
artifacts:
  objects:
    location: '${_BUCKET_URI}'
    paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}.tf']

Führen Sie dann den folgenden Befehl aus:

gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI