Os exemplos a seguir mostram conversões completas de todas as implantações atuais usando a DM Convert.
Modelo de recursos do Kubernetes (KRM) e Config Connector
A definição do Cloud Build a seguir é um exemplo completo que mostra a conversão de uma implantação atual para o KRM, a aquisição de recursos por meio do Config Connector e o abandono da implantação do Deployment Manager.
Para começar, execute este comando:
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor
Salve a definição do Cloud Build em cloudbuild.yaml
:
steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
# Fetch the latest manifest for the given deployment
MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
--project $PROJECT_ID --format="value(deployment.manifest)" |\
grep -oEi "manifest-[0-9]+")
# Fetch the expanded config for the given manifest and save
# it to /workdir/${_DEPLOYMENT_NAME}.yaml
gcloud deployment-manager manifests describe $$MANIFEST_NAME \
--deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
--format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml
- id: '[CONVERT_DM_CONFIG]'
name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
'--project_id', '$PROJECT_ID',
'--project_number', '$PROJECT_NUMBER',
'--output_format', 'KRM',
'--output_file', '${_DEPLOYMENT_NAME}-krm.yaml',
'--deployment_name', '${_DEPLOYMENT_NAME}']
# Apply ${_DEPLOYMENT_NAME}-krm.yaml using Config Connector
# Alternatively, you can fetch the converted KRM files from
# ${_CONFIG_STORAGE_BUCKET} and run `kubectl apply -f` on it.
- id: '[APPLY_USING_CONFIG_CONNECTOR]'
name: 'gcr.io/cloud-builders/kubectl'
args:
- '--namespace'
- '${_KUBECTL_NAMESPACE}'
- 'apply'
- '-f'
- '${_DEPLOYMENT_NAME}-krm.yaml'
env:
- 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
- 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
- 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'
- id: '[WAIT_FOR_RESOURCES]'
name: 'gcr.io/cloud-builders/kubectl'
args:
- '--namespace'
- '${_KUBECTL_NAMESPACE}'
- 'wait'
- '--for=condition=Ready'
- '--timeout=5m'
- '-f'
- '${_DEPLOYMENT_NAME}-krm.yaml'
env:
- 'CLOUDSDK_COMPUTE_REGION=${_CLUSTER_REGION}'
- 'CLOUDSDK_COMPUTE_ZONE=${_CLUSTER_ZONE}'
- 'CLOUDSDK_CONTAINER_CLUSTER=${_CLUSTER_NAME}'
# Lastly, let's abandon the DM deployment to allow Config Connector to
# manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} --delete-policy=ABANDON -q
# Store the fetched DM manifest and converted KRM configuration
artifacts:
objects:
location: '${_BUCKET_URI}'
paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}-krm.yaml']
substitutions:
# Deployment Manager deployment name
_DEPLOYMENT_NAME: ''
# Region of the cluster, if the cluster is regional
_CLUSTER_REGION: ''
# Zone of the cluster, if the cluster is zonal
_CLUSTER_ZONE: ''
_CLUSTER_NAME: ''
_KUBECTL_NAMESPACE: ''
Para invocar essa amostra, execute um dos seguintes comandos:
# If the GKE cluster is regional:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_REGION=us-west1,_CLUSTER_NAME=kcc-cluster
# If the GKE cluster is zonal:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI,_KUBECTL_NAMESPACE=cnrm-system,_CLUSTER_ZONE=us-west1-b,_CLUSTER_NAME=kcc-cluster
Terraform
A definição do Cloud Build a seguir é um exemplo completo da conversão de uma implantação atual para o Terraform, o abandono da implantação do Deployment Manager e o provisionamento de recursos por meio do Terraform.
Para começar, execute este comando:
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/container.developer
gcloud projects add-iam-policy-binding ${PROJECT_ID} \
--member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
--role=roles/deploymentmanager.editor
Salve a seguinte definição do Cloud Build em cloudbuild.yaml
:
steps:
# Retrieve the DM configuration from the existing deployment
# and back it up as a build artifact in case we want to access it later
- id: '[FETCH_DM_CONFIG]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
# Fetch the latest manifest for the given deployment
MANIFEST_NAME=$(gcloud deployment-manager deployments describe ${_DEPLOYMENT_NAME} \
--project $PROJECT_ID --format="value(deployment.manifest)" |\
grep -oEi "manifest-[0-9]+")
# Fetch the expanded config for the given manifest and save
# it to /workdir/${_DEPLOYMENT_NAME}.yaml
gcloud deployment-manager manifests describe $$MANIFEST_NAME \
--deployment ${_DEPLOYMENT_NAME} --project $PROJECT_ID \
--format="value(expandedConfig)" > ${_DEPLOYMENT_NAME}.yaml
- id: '[CONVERT_DM_CONFIG]'
name: 'us-central1-docker.pkg.dev/dm-convert-host/deployment-manager/dm-convert:public-preview'
args: ['--config', '${_DEPLOYMENT_NAME}.yaml',
'--project_id', '$PROJECT_ID',
'--project_number', '$PROJECT_NUMBER',
'--output_format', 'TF',
'--output_file', '${_DEPLOYMENT_NAME}.tf',
'--deployment_name', '${_DEPLOYMENT_NAME}']
# Delete the DM deployment to allow Terraform to manage it moving forward
- id: '[ABANDON_DM_DEPLOYMENT]'
name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: 'sh'
args:
- '-c'
- |
gcloud deployment-manager deployments delete ${_DEPLOYMENT_NAME} -q
# Apply ${_DEPLOYMENT_NAME}.yaml using Terraform
- id: '[APPLY_USING_TERRAFORM]'
name: 'hashicorp/terraform'
entrypoint: 'sh'
args:
- '-c'
- |
echo "*************** TERRAFORM INIT ******************"
terraform init
echo "*************** TERRAFORM APPLY ******************"
terraform apply --auto-approve
# Store the fetched DM manifest and converted TF configuration
artifacts:
objects:
location: '${_BUCKET_URI}'
paths: ['${_DEPLOYMENT_NAME}.yaml', '${_DEPLOYMENT_NAME}.tf']
Em seguida, execute o comando:
gcloud builds submit . --substitutions=_DEPLOYMENT_NAME=my-deployment,_BUCKET_URI=$BUCKET_URI