Les exemples suivants illustrent les conversions complètes de bout en bout des déploiements existants à l'aide de DM Convert.
Modèle de ressource Kubernetes (KRM) et Config Connector
La définition Cloud Build suivante est un exemple complet de bout en bout qui montre la conversion d'un déploiement existant vers KRM, l'acquisition de ressources via Config Connector et l'abandon du déploiement de Deployment Manager.
Pour commencer, exécutez la commande suivante :
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor
Enregistrez la définition Cloud Build dans cloudbuild.yaml
:
steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
# Fetch the latest manifest for the given deployment
MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
--project $PROJECT_ID --format="value(deployment.manifest)" |\
grep -oEi "manifest-[0-9]+")
# Fetch the expanded config for the given manifest and save
# it to /workdir/${_DEPLOYMENT_NAME}.yaml
gcloud deployment-manager manifests describe $$MANIFEST_NAME \
--deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
--format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml
- id: '[CONVERT_DM_CONFIG]'
name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
'--project_id', '$PROJECT_ID',
'--project_number', '$PROJECT_NUMBER',
'--output_format', 'KRM',
'--output_file', '${_DEPLOYMENT_NAME}-krm.yaml',
'--deployment_name', '${_DEPLOYMENT_NAME}']
# Apply ${_DEPLOYMENT_NAME}-krm.yaml using Config Connector
# Alternatively, you can fetch the converted KRM files from
# ${_CONFIG_STORAGE_BUCKET} and run `kubectl apply -f` on it.
- id: '[APPLY_USING_CONFIG_CONNECTOR]'
name: 'gcr.io/cloud-builders/kubectl'
args:
- '--namespace'
- '${_KUBECTL_NAMESPACE}'
- 'apply'
- '-f'
- '${_DEPLOYMENT_NAME}-krm.yaml'
env:
- 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
- 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
- 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'
- id: '[WAIT_FOR_RESOURCES]'
name: 'gcr.io/cloud-builders/kubectl'
args:
- '--namespace'
- '${_KUBECTL_NAMESPACE}'
- 'wait'
- '--for=condition=Ready'
- '--timeout=5m'
- '-f'
- '${_DEPLOYMENT_NAME}-krm.yaml'
env:
- 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
- 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
- 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'
# Lastly, let's abandon the DM deployment to allow Config Connector to
# manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} --delete-policy=ABANDON -q
# Store the fetched DM manifest and converted KRM configuration
artifacts:
objects:
location: '${_BUCKET_URI}'
paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}-krm.yaml']
substitutions:
# Deployment Manager deployment name
_DEPLOYMENT_NAME: ''
# Region of the cluster, if the cluster is regional
_CLUSTER_REGION: ''
# Zone of the cluster, if the cluster is zonal
_CLUSTER_ZONE: ''
_CLUSTER_NAME: ''
_KUBECTL_NAMESPACE: ''
Pour appeler cet exemple, exécutez l'une des commandes suivantes :
# If the GKE cluster is regional:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_REGION=us-west1,_CLUSTER_NAME=kcc-cluster
# If the GKE cluster is zonal:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_ZONE=us-west1-b,_CLUSTER_NAME=kcc-cluster
Terraform
La définition Cloud Build suivante est un exemple complet de bout en bout de la conversion d'un déploiement existant vers Terraform, de l'abandon du déploiement de Deployment Manager et du provisionnement des ressources via Terraform.
Pour commencer, exécutez la commande suivante :
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor
Enregistrez la définition Cloud Build suivante dans cloudbuild.yaml
:
steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
# Fetch the latest manifest for the given deployment
MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
--project $PROJECT_ID --format="value(deployment.manifest)" |\
grep -oEi "manifest-[0-9]+")
# Fetch the expanded config for the given manifest and save
# it to /workdir/${_DEPLOYMENT_NAME}.yaml
gcloud deployment-manager manifests describe $$MANIFEST_NAME \
--deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
--format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml
- id: '[CONVERT_DM_CONFIG]'
name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
'--project_id', '$PROJECT_ID',
'--project_number', '$PROJECT_NUMBER',
'--output_format', 'TF',
'--output_file', '${_DEPLOYMENT_NAME}.tf',
'--deployment_name', '${_DEPLOYMENT_NAME}']
# Delete the DM deployment to allow Terraform to manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} -q
# Apply ${_DEPLOYMENT_NAME}.yaml using Terraform
- id: '[APPLY_USING_TERRAFORM]'
name: 'hashicorp/terraform'
entrypoint: 'sh'
args:
- '-c'
- |
echo "*************** TERRAFORM INIT ******************"
terraform init
echo "*************** TERRAFORM APPLY ******************"
terraform apply --auto-approve
# Store the fetched DM manifest and converted TF configuration
artifacts:
objects:
location: '${_BUCKET_URI}'
paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}.tf']
Exécutez ensuite la commande suivante :
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI