325 lines
13 KiB
HCL
325 lines
13 KiB
HCL
# =================================================================
|
|
# CLUSTER OKE - NEXUS
|
|
# =================================================================
|
|
# Criacao do Cluster Kubernetes
|
|
module "oke_nexus" {
|
|
source = "./modules/oke_cluster"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.oke_nexus_enable ? 1 : 0
|
|
|
|
# --- Identificação e Contexto ---
|
|
tenancy_ocid = var.tenancy_ocid
|
|
oke_cluster_name = var.oke_nexus_cluster_name
|
|
oke_compartment = var.oke_nexus_cluster_compartment_id
|
|
|
|
# --- Rede (Descoberta Automática via local.network) ---
|
|
vcn_id = var.oke_nexus_vcn_id
|
|
|
|
# Como o script criará a rede do zero na VCN informada:
|
|
oke_subnet_api_cidr_block = var.oke_nexus_subnet_api_cidr_block
|
|
oke_subnet_node_cidr_block = var.oke_nexus_subnet_node_cidr_block
|
|
oke_subnet_lb_cidr_block = var.oke_nexus_subnet_lb_cidr_block
|
|
oke_subnet_pods_cidr_block = var.oke_nexus_subnet_pods_cidr_block
|
|
|
|
# --- Configuração de Hardware (Node Pool) ---
|
|
oke_node_shape = var.oke_nexus_node_shape
|
|
oke_nodepool_size = var.oke_nexus_node_count
|
|
oke_node_shape_memory_gb = var.oke_nexus_node_memory_gb
|
|
oke_node_shape_ocpus = var.oke_nexus_node_ocpus
|
|
|
|
# --- Endpoint e Add-ons ---
|
|
oke_api_endpoint_public = var.oke_nexus_api_endpoint_public
|
|
oke_enable_autoscaler = var.oke_nexus_enable_autoscaler
|
|
oke_enable_metric_server = var.oke_nexus_enable_metric_server
|
|
oke_enable_cert_manager = var.oke_nexus_enable_cert_manager
|
|
|
|
# --- Configurações Detalhadas do Autoscaler ---
|
|
oke_autoscaler_min_nodes = var.oke_nexus_autoscaler_min_nodes
|
|
oke_autoscaler_max_nodes = var.oke_nexus_autoscaler_max_nodes
|
|
oke_autoscaler_down_delay_after_add = var.oke_nexus_autoscaler_down_delay_after_add
|
|
oke_autoscaler_down_unneeded_time = var.oke_nexus_autoscaler_down_unneeded_time
|
|
oke_autoscaler_down_unready_time = var.oke_nexus_autoscaler_down_unready_time
|
|
oke_autoscaler_skip_nodes_with_system_pods = var.oke_nexus_autoscaler_skip_nodes_with_system_pods
|
|
}
|
|
# Criacao do provider Kubernetes
|
|
provider "kubernetes" {
|
|
alias = "oke_nexus"
|
|
host = one(module.oke_nexus[*].cluster_endpoint) # Use os outputs do seu módulo
|
|
cluster_ca_certificate = local.oke_nexus_ca != null ? base64decode(local.oke_nexus_ca) : null
|
|
exec {
|
|
api_version = "client.authentication.k8s.io/v1beta1"
|
|
args = ["ce", "cluster", "generate-token", "--cluster-id", coalesce(one(module.oke_nexus[*].cluster_id), "disabled")]
|
|
command = "oci"
|
|
}
|
|
}
|
|
# Criacao do Service Account no Cluster Kubernetes
|
|
module "oke_nexus_service_account" {
|
|
source = "./modules/oke_service_account"
|
|
count = var.oke_nexus_enable ? 1 : 0
|
|
|
|
providers = {
|
|
kubernetes = kubernetes.oke_nexus
|
|
}
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
oke_cluster_id = one(module.oke_nexus[*].cluster_id)
|
|
oke_cluster_name = var.oke_nexus_cluster_name
|
|
oke_compartment = var.oke_nexus_cluster_compartment_id
|
|
}
|
|
|
|
# =================================================================
|
|
# CLUSTER OKE - Barramento
|
|
# =================================================================
|
|
# Criacao do Cluster Kubernetes
|
|
module "oke_bus" {
|
|
source = "./modules/oke_cluster"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.oke_bus_enable ? 1 : 0
|
|
|
|
# --- Identificação e Contexto ---
|
|
tenancy_ocid = var.tenancy_ocid
|
|
oke_cluster_name = var.oke_bus_cluster_name
|
|
oke_compartment = var.oke_bus_cluster_compartment_id
|
|
|
|
# --- Rede (Descoberta Automática via local.network) ---
|
|
vcn_id = var.oke_bus_vcn_id
|
|
|
|
# Como o script criará a rede do zero na VCN informada:
|
|
oke_subnet_api_cidr_block = var.oke_bus_subnet_api_cidr_block
|
|
oke_subnet_node_cidr_block = var.oke_bus_subnet_node_cidr_block
|
|
oke_subnet_lb_cidr_block = var.oke_bus_subnet_lb_cidr_block
|
|
oke_subnet_pods_cidr_block = var.oke_bus_subnet_pods_cidr_block
|
|
|
|
# --- Configuração de Hardware (Node Pool) ---
|
|
oke_node_shape = var.oke_bus_node_shape
|
|
oke_nodepool_size = var.oke_bus_node_count
|
|
oke_node_shape_memory_gb = var.oke_bus_node_memory_gb
|
|
oke_node_shape_ocpus = var.oke_bus_node_ocpus
|
|
|
|
# --- Endpoint e Add-ons ---
|
|
oke_api_endpoint_public = var.oke_bus_api_endpoint_public
|
|
oke_enable_autoscaler = var.oke_bus_enable_autoscaler
|
|
oke_enable_metric_server = var.oke_bus_enable_metric_server
|
|
oke_enable_cert_manager = var.oke_bus_enable_cert_manager
|
|
|
|
# --- Configurações Detalhadas do Autoscaler ---
|
|
oke_autoscaler_min_nodes = var.oke_bus_autoscaler_min_nodes
|
|
oke_autoscaler_max_nodes = var.oke_bus_autoscaler_max_nodes
|
|
oke_autoscaler_down_delay_after_add = var.oke_bus_autoscaler_down_delay_after_add
|
|
oke_autoscaler_down_unneeded_time = var.oke_bus_autoscaler_down_unneeded_time
|
|
oke_autoscaler_down_unready_time = var.oke_bus_autoscaler_down_unready_time
|
|
oke_autoscaler_skip_nodes_with_system_pods = var.oke_bus_autoscaler_skip_nodes_with_system_pods
|
|
}
|
|
# Criacao do provider Kubernetes
|
|
provider "kubernetes" {
|
|
alias = "oke_bus"
|
|
host = one(module.oke_bus[*].cluster_endpoint) # Use os outputs do seu módulo
|
|
cluster_ca_certificate = local.oke_bus_ca != null ? base64decode(local.oke_bus_ca) : null
|
|
exec {
|
|
api_version = "client.authentication.k8s.io/v1beta1"
|
|
args = ["ce", "cluster", "generate-token", "--cluster-id", coalesce(one(module.oke_bus[*].cluster_id), "disabled")]
|
|
command = "oci"
|
|
}
|
|
}
|
|
# Criacao do Service Account no Cluster Kubernetes
|
|
module "oke_bus_service_account" {
|
|
source = "./modules/oke_service_account"
|
|
count = var.oke_bus_enable ? 1 : 0
|
|
|
|
providers = {
|
|
kubernetes = kubernetes.oke_bus
|
|
}
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
oke_cluster_id = one(module.oke_bus[*].cluster_id)
|
|
oke_cluster_name = var.oke_bus_cluster_name
|
|
oke_compartment = var.oke_bus_cluster_compartment_id
|
|
}
|
|
|
|
# =================================================================
|
|
# CLUSTER OKE - Observabilidade
|
|
# =================================================================
|
|
# Criacao do Cluster Kubernetes
|
|
module "oke_observability" {
|
|
source = "./modules/oke_cluster"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.oke_o11y_enable ? 1 : 0
|
|
|
|
# --- Identificação e Contexto ---
|
|
tenancy_ocid = var.tenancy_ocid
|
|
oke_cluster_name = var.oke_o11y_cluster_name
|
|
oke_compartment = var.oke_o11y_cluster_compartment_id
|
|
|
|
# --- Rede (Descoberta Automática via local.network) ---
|
|
vcn_id = var.oke_o11y_vcn_id
|
|
|
|
# Como o script criará a rede do zero na VCN informada:
|
|
oke_subnet_api_cidr_block = var.oke_o11y_subnet_api_cidr_block
|
|
oke_subnet_node_cidr_block = var.oke_o11y_subnet_node_cidr_block
|
|
oke_subnet_lb_cidr_block = var.oke_o11y_subnet_lb_cidr_block
|
|
oke_subnet_pods_cidr_block = var.oke_o11y_subnet_pods_cidr_block
|
|
|
|
# --- Configuração de Hardware (Node Pool) ---
|
|
oke_node_shape = var.oke_o11y_node_shape
|
|
oke_nodepool_size = var.oke_o11y_node_count
|
|
oke_node_shape_memory_gb = var.oke_o11y_node_memory_gb
|
|
oke_node_shape_ocpus = var.oke_o11y_node_ocpus
|
|
|
|
# --- Endpoint e Add-ons ---
|
|
oke_api_endpoint_public = var.oke_o11y_api_endpoint_public
|
|
oke_enable_autoscaler = var.oke_o11y_enable_autoscaler
|
|
oke_enable_metric_server = var.oke_o11y_enable_metric_server
|
|
oke_enable_cert_manager = var.oke_o11y_enable_cert_manager
|
|
|
|
# --- Configurações Detalhadas do Autoscaler ---
|
|
oke_autoscaler_min_nodes = var.oke_o11y_autoscaler_min_nodes
|
|
oke_autoscaler_max_nodes = var.oke_o11y_autoscaler_max_nodes
|
|
oke_autoscaler_down_delay_after_add = var.oke_o11y_autoscaler_down_delay_after_add
|
|
oke_autoscaler_down_unneeded_time = var.oke_o11y_autoscaler_down_unneeded_time
|
|
oke_autoscaler_down_unready_time = var.oke_o11y_autoscaler_down_unready_time
|
|
oke_autoscaler_skip_nodes_with_system_pods = var.oke_o11y_autoscaler_skip_nodes_with_system_pods
|
|
}
|
|
# Criacao do provider Kubernetes
|
|
provider "kubernetes" {
|
|
alias = "oke_observability"
|
|
host = one(module.oke_observability[*].cluster_endpoint) # Use os outputs do seu módulo
|
|
cluster_ca_certificate = local.oke_observability_ca != null ? base64decode(local.oke_observability_ca) : null
|
|
exec {
|
|
api_version = "client.authentication.k8s.io/v1beta1"
|
|
args = ["ce", "cluster", "generate-token", "--cluster-id", coalesce(one(module.oke_observability[*].cluster_id), "disabled")]
|
|
command = "oci"
|
|
}
|
|
}
|
|
# Criacao do Service Account no Cluster Kubernetes
|
|
module "oke_observability_service_account" {
|
|
source = "./modules/oke_service_account"
|
|
count = var.oke_o11y_enable ? 1 : 0
|
|
|
|
providers = {
|
|
kubernetes = kubernetes.oke_observability
|
|
}
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
oke_cluster_id = one(module.oke_observability[*].cluster_id)
|
|
oke_cluster_name = var.oke_o11y_cluster_name
|
|
oke_compartment = var.oke_o11y_cluster_compartment_id
|
|
}
|
|
|
|
# =================================================================
|
|
# Bucket
|
|
# =================================================================
|
|
module "bucket" {
|
|
source = "./modules/bucket"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.bucket_enable ? 1 : 0
|
|
|
|
bucket_name = var.bucket_name
|
|
bucket_compartment = var.bucket_compartment
|
|
bucket_access_type = var.bucket_access_type
|
|
bucket_storage_tier = var.bucket_storage_tier
|
|
bucket_versioning = var.bucket_versioning
|
|
}
|
|
|
|
# =================================================================
|
|
# Vault
|
|
# =================================================================
|
|
module "vault" {
|
|
source = "./modules/vault"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = local.vault_required ? 1 : 0
|
|
|
|
vault_name = var.vault_name
|
|
vault_compartment = var.vault_compartment
|
|
}
|
|
|
|
# =================================================================
|
|
# PostgreSQL
|
|
# =================================================================
|
|
module "postgresql" {
|
|
source = "./modules/postgresql"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.postgresql_enable ? 1 : 0
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
postgresql_name = var.postgresql_name
|
|
postgresql_compartment_id = var.postgresql_compartment_id
|
|
|
|
vcn_id = var.postgresql_vcn_id
|
|
subnet_cidr_block = var.postgresql_subnet_cidr_block
|
|
allowed_pod_cidrs = local.psql_allowed_pod_cidrs # CIDRs de PODs autorizados
|
|
|
|
postgresql_version = var.postgresql_version
|
|
postgresql_instance_count = var.postgresql_instance_count
|
|
postgresql_shape = var.postgresql_shape
|
|
postgresql_memory_in_gbs = local.postgresql_memory_in_gbs
|
|
postgresql_ocpu_count = local.postgresql_ocpu_count
|
|
}
|
|
|
|
# =================================================================
|
|
# Redis
|
|
# =================================================================
|
|
module "redis" {
|
|
source = "./modules/redis"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.redis_enable ? 1 : 0
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
redis_name = var.redis_name
|
|
redis_compartment_id = var.redis_compartment_id
|
|
|
|
vcn_id = var.redis_vcn_id
|
|
subnet_cidr_block = var.redis_subnet_cidr_block
|
|
allowed_pod_cidrs = local.psql_allowed_pod_cidrs # CIDRs de PODs autorizados
|
|
|
|
redis_count_node = var.redis_count_node
|
|
redis_node_memory_in_gbs = var.redis_node_memory_in_gbs
|
|
redis_software_version = var.redis_software_version
|
|
}
|
|
|
|
# =================================================================
|
|
# Autonomous Database JSON (ADJ)
|
|
# =================================================================
|
|
module "autonomous_json" {
|
|
source = "./modules/autonomous_json"
|
|
|
|
# Só executa o deploy se a flag global de ativação estiver true
|
|
count = var.autonomous_json_enable ? 1 : 0
|
|
|
|
# Injetando as informações do Vault que vieram do output do módulo
|
|
vault_id = one(module.vault[*].vault_id)
|
|
master_key_id = one(module.vault[*].master_key_id)
|
|
|
|
autonomous_json_name = var.autonomous_json_name
|
|
autonomous_json_compartment_id = var.autonomous_json_compartment_id
|
|
|
|
vcn_id = var.autonomous_json_vcn_id
|
|
subnet_cidr_block = var.autonomous_json_subnet_cidr_block
|
|
allowed_pod_cidrs = local.psql_allowed_pod_cidrs # CIDRs de PODs autorizados
|
|
|
|
autonomous_json_compute_model = var.autonomous_json_compute_model
|
|
autonomous_json_compute_count = var.autonomous_json_compute_count
|
|
autonomous_json_data_storage_size_in_tbs = var.autonomous_json_data_storage_size_in_tbs
|
|
autonomous_json_is_auto_scaling_enabled = var.autonomous_json_is_auto_scaling_enabled
|
|
}
|