Use this template to easily create a new Git Repository for managing Factory cloud infrastructure needs. We recommend using Terraform to manage the infrastructure needed to run the Factory.
- A Git organisation that will be used to create the GitOps repositories used by the Factory. e.g. https://github.com/organizations/plan.
- Create a git `factory bot` user (different from your own personal user) and generate a personal access token, this will be used by the factory to interact with git repositories. e.g. https://github.com/settings/tokens/new?scopes=repo,read:user,read:org,user:email,write:repo_hook,delete_repo,admin:repo_hook.
  - Add the `factory bot` user to your Git Organisation, and give it Owner permissions.
- Check and install latest `terraform` CLI - see here.
- Check and install latest `jx` CLI - see here.
- Check and install latest `gcloud` CLI - see here.
  - Configure the `gcloud` CLI to use the correct project.
    ```
    make gcloud.config
    ```
- Create your factory service account for `terraform` to use.
  ```
  make sa.create
  env | grep GOOGLE_APPLICATION_CREDENTIALS
  ```
- Create your factory APEX dns zone, if you don't have one already. For full details click here.
  ```
  make sa.use
  make dns.create
  ```

- Create a Factory Cluster git repository from this GitHub Template https://github.com/ContinuousEngineeringProject/factory-cluster-jx3/generate.
- Follow the instructions in the 'Create a new factory cluster' section of the README.md in the Factory Cluster repository you just created.
- Create a Factory Infrastructure git repository from this GitHub Template https://github.com/ContinuousEngineeringProject/factory-infra-gcp/generate.
- Update the `values.auto.tfvars` file from the Factory Infrastructure git repository.
  - (If using Kubernetes version 1.23+) add `kuberhealthy = false`.
- (If using Kubernetes version 1.23+) update the local Terraform files.
  - Initiate the Terraform modules
    ```
    terraform init
    ```
  - Update `jx_kh_check_version` version in `.terraform/modules/eks-jx.health.jx-health/variables.tf` to 80.
  - Update kuberhealthy helm release version in `.terraform/modules/eks-jx.health.jx-health/main.tf` to 92.
- Commit and push the changes to the Factory Infrastructure git repository.
- Build the factory cluster
  ```
  make factory.build
  ```

```
$(terraform output -raw connect)
$(terraform output -raw follow_install_logs)
```

For the full list of terraform inputs see the documentation for jenkins-x/terraform-google-jx
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| apex_domain | The apex / parent domain to be allocated to the cluster | string | `""` | no |
| apex_domain_gcp_project | The GCP project the parent domain is managed by, used to write recordsets for a subdomain if set. Defaults to current project. | string | `""` | no |
| apex_domain_integration_enabled | Add recordsets from a subdomain to a parent / apex domain | bool | `true` | no |
| autoscaler_location_policy | location policy for primary node pool | string | `"ANY"` | no |
| autoscaler_max_node_count | Maximum number of cluster nodes | number | `5` | no |
| autoscaler_min_node_count | Minimum number of cluster nodes | number | `3` | no |
| cluster_location | The location (region or zone) in which the cluster master will be created. If you specify a zone (such as us-central1-a), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such as us-west1), the cluster will be a regional cluster with multiple masters spread across zones in the region | string | `"us-central1-a"` | no |
| cluster_name | Name of the Kubernetes cluster to create | string | `""` | no |
| force_destroy | Flag to determine whether storage buckets get forcefully destroyed | bool | `false` | no |
| gcp_project | The name of the GCP project to use | string | n/a | yes |
| gsm | Enables Google Secrets Manager, not available with JX2 | bool | `false` | no |
| initial_cluster_node_count | initial number of cluster nodes | number | `3` | no |
| initial_primary_node_pool_node_count | initial number of pool nodes | number | `1` | no |
| jx_bot_token | Bot token used to interact with the Jenkins X cluster git repository | string | n/a | yes |
| jx_bot_username | Bot username used to interact with the Jenkins X cluster git repository | string | n/a | yes |
| jx_git_url | URL for the Jenkins X cluster git repository | string | n/a | yes |
| kuberhealthy | Enables Kuberhealthy helm installation | bool | `true` | no |
| lets_encrypt_production | Flag to determine whether or not to use the Let's Encrypt production server. | bool | `true` | no |
| master_authorized_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically allowlists). | `list(object({ cidr_block = string, display_name = string }))` | `[` | no |
| node_disk_size | Node disk size in GB | string | `"100"` | no |
| node_disk_type | Node disk type, either pd-standard or pd-ssd | string | `"pd-standard"` | no |
| node_machine_type | Node type for the Kubernetes cluster | string | `"n1-standard-2"` | no |
| node_preemptible | Use preemptible nodes | bool | `false` | no |
| node_spot | Use spot nodes | bool | `false` | no |
| resource_labels | Set of labels to be applied to the cluster | map(string) | `{}` | no |
| subdomain | Optional sub domain for the installation | string | `""` | no |
| tls_email | Email used by Let's Encrypt. Required for TLS when parent_domain is specified | string | `""` | no |
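
Before the "Commit and push" step, it is worth checking that `values.auto.tfvars` does not carry the bot token as a literal or open `master_authorized_networks` to every address. The script below is an added example, not part of this template or of jenkins-x/terraform-google-jx; `check_tfvars` and the sample values are hypothetical, and it assumes the token is supplied through Terraform's standard `TF_VAR_jx_bot_token` environment variable.

```shell
#!/bin/sh
# Added example (not part of the template): lint values.auto.tfvars before commit.
# Prints findings; returns 1 when a FAIL finding is present, 0 otherwise.
check_tfvars() {
  file=$1
  fails=0
  # Ignore whole-line comments so commented-out settings are not reported.
  body=$(grep -Ev '^[[:space:]]*(#|//)' "$file" || true)

  # jx_bot_token as a non-empty literal would be committed to git history.
  if printf '%s\n' "$body" |
     grep -Eq '^[[:space:]]*jx_bot_token[[:space:]]*=[[:space:]]*"[^"]+"'; then
    echo "FAIL: jx_bot_token is a literal in $file; export TF_VAR_jx_bot_token instead"
    fails=$((fails + 1))
  fi

  # An authorized network of 0.0.0.0/0 makes the control plane endpoint
  # reachable from any address, which defeats master_authorized_networks.
  if printf '%s\n' "$body" |
     grep -Eq 'cidr_block[[:space:]]*=[[:space:]]*"0\.0\.0\.0/0"'; then
    echo "FAIL: master_authorized_networks contains 0.0.0.0/0"
    fails=$((fails + 1))
  fi

  # force_destroy = true lets a destroy run delete non-empty storage buckets.
  if printf '%s\n' "$body" |
     grep -Eq '^[[:space:]]*force_destroy[[:space:]]*=[[:space:]]*true'; then
    echo "WARN: force_destroy = true; buckets are deleted with their contents"
  fi

  [ "$fails" -eq 0 ]
}

# Constructed sample input; every value below is a placeholder.
sample=$(mktemp)
cat > "$sample" <<'EOF'
gcp_project     = "example-project"
jx_git_url      = "https://github.com/example-org/example-cluster"
jx_bot_username = "example-bot"
jx_bot_token    = "CONSTRUCTED-NOT-A-REAL-TOKEN"
force_destroy   = true
master_authorized_networks = [
  { cidr_block = "0.0.0.0/0", display_name = "anywhere" },
]
EOF
check_tfvars "$sample" || echo "commit blocked: fix the FAIL lines above"
rm -f "$sample"
```

The function's exit status makes it usable from a git pre-commit hook; a WARN line alone does not block the commit.
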
To remove any cloud resources created by the Factory run:
```
$(terraform output -raw connect)
make factory.destroy
```