GKE Autopilot: Add terraform module, users (googleforgames#2912)

* GKE Terraform: Add Autopilot terraform module, refactor e2e terraform for multi-cluster

* Adds install/terraform/modules/gke-autopilot module, based on modules/gke
* Adds example module (will document)
* Refactors e2es, based on discussions with @gongmax: now the
top-level e2e module is the "project" module for the whole e2e
project, with additional gke-autopilot and gke-standard modules
underneath as "per-cluster" modules.
* Allows firewall creation to be handled in project module.

build/terraform/e2e/gke-autopilot/module.tf

@@ -0,0 +1,80 @@
+// Copyright 2023 Google LLC All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+// Run:
+//  terraform apply -var project="<YOUR_GCP_ProjectID>"
+
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.25.0"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> 2.3"
+    }
+  }
+}
+
+variable "project" {}
+variable "kubernetesVersion" {}
+
+module "gke_cluster" {
+  source = "../../../../install/terraform/modules/gke-autopilot"
+
+  cluster = {
+    "name"     = format("gke-autopilot-e2e-test-cluster-%s", replace(var.kubernetesVersion, ".", "-"))
+    "project"  = var.project
+    "location" = "us-west1"
+  }
+
+  udpFirewall = false // firewall is created at the project module level
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = module.gke_cluster.host
+    token                  = module.gke_cluster.token
+    cluster_ca_certificate = module.gke_cluster.cluster_ca_certificate
+  }
+}
+
+resource "helm_release" "consul" {
+  repository = "https://helm.releases.hashicorp.com"
+  chart      = "consul"
+  name       = "consul"
+
+  set {
+    name  = "server.replicas"
+    value = "1"
+  }
+
+  set {
+    name  = "server.affinity"
+    value = "null"
+  }
+
+  set {
+    name  = "ui.service.type"
+    value = "ClusterIP"
+  }
+
+  set {
+    name  = "client.enabled"
+    value = "false"
+  }
+}

build/terraform/e2e/gke-standard/module.tf

@@ -0,0 +1,82 @@
+// Copyright 2023 Google LLC All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+// Run:
+//  terraform apply -var project="<YOUR_GCP_ProjectID>"
+
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.25.0"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> 2.3"
+    }
+  }
+}
+
+variable "project" {}
+variable "kubernetesVersion" {}
+
+variable "overrideName" {
+  default = ""
+}
+
+module "gke_cluster" {
+  source = "../../../../install/terraform/modules/gke"
+
+  cluster = {
+    "name"                 = var.overrideName != "" ? var.overrideName : format("gke-standard-e2e-test-cluster-%s", replace(var.kubernetesVersion, ".", "-"))
+    "zone"                 = "us-west1-c"
+    "machineType"          = "e2-standard-4"
+    "initialNodeCount"     = 10
+    "enableImageStreaming" = true
+    "project"              = var.project
+  }
+
+  udpFirewall = false // firewall is created at the project module level
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = module.gke_cluster.host
+    token                  = module.gke_cluster.token
+    cluster_ca_certificate = module.gke_cluster.cluster_ca_certificate
+  }
+}
+
+resource "helm_release" "consul" {
+  repository = "https://helm.releases.hashicorp.com"
+  chart      = "consul"
+  name       = "consul"
+
+  set {
+    name  = "server.replicas"
+    value = "1"
+  }
+
+  set {
+    name  = "ui.service.type"
+    value = "ClusterIP"
+  }
+
+  set {
+    name  = "client.enabled"
+    value = "false"
+  }
+}

build/terraform/e2e/module.tf

@@ -30,52 +30,33 @@ terraform {
   }
 }
 
-variable "project" {
-  default = ""
-}
-
-module "gke_cluster" {
-  source = "../../../install/terraform/modules/gke"
+variable "project" {}
 
-  cluster = {
-    "name"                  = "e2e-test-cluster"
-    "zone"                  = "us-west1-c"
-    "machineType"           = "e2-standard-4"
-    "initialNodeCount"      = 10
-    "enableImageStreaming"  = true
-    "project"               = var.project
-  }
-
-  firewallName = "gke-game-server-firewall"
+module "gke_standard_cluster" {
+  source = "./gke-standard"
+  project = var.project
+  kubernetesVersion = "1.24"
+  overrideName = "e2e-test-cluster"
 }
 
-provider "helm" {
-  kubernetes {
-    host                   = module.gke_cluster.host
-    token                  = module.gke_cluster.token
-    cluster_ca_certificate = module.gke_cluster.cluster_ca_certificate
-  }
+module "gke_autopilot_cluster" {
+  source = "./gke-autopilot"
+  project = var.project
+  kubernetesVersion = "1.24"
 }
 
-resource "helm_release" "consul" {
-  repository = "https://helm.releases.hashicorp.com"
-  chart      = "consul"
-  name       = "consul"
-
-  set {
-    name  = "server.replicas"
-    value = "1"
-  }
+resource "google_compute_firewall" "udp" {
+  name    = "gke-game-server-firewall"
+  project = var.project
+  network = "default"
 
-  set {
-    name  = "ui.service.type"
-    value = "ClusterIP"
+  allow {
+    protocol = "udp"
+    ports    = ["7000-8000"]
   }
 
-  set {
-    name  = "client.enabled"
-    value = "false"
-  }
+  target_tags = ["game-server"]
+  source_ranges = ["0.0.0.0/0"]
 }
 
 resource "google_compute_firewall" "tcp" {
@@ -90,4 +71,4 @@ resource "google_compute_firewall" "tcp" {
 
   target_tags = ["game-server"]
   source_ranges = ["0.0.0.0/0"]
-}
+}

build/terraform/gke-autopilot/module.tf

@@ -0,0 +1,135 @@
+// Copyright 2023 Google LLC All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+// Run:
+//  terraform apply -var project="<YOUR_GCP_ProjectID>" [-var agones_version="1.17.0"]
+
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.25.0"
+    }
+  }
+}
+
+/////////////////////
+// Cluster parameters
+
+variable "name" {
+  default = "agones-tf-cluster"
+}
+
+variable "project" {
+  default = ""
+}
+
+variable "location" {
+  default     = "us-west1"
+  description = "The GCP location to create the cluster in"
+}
+
+variable "network" {
+  default     = "default"
+  description = "The name of the VPC network to attach the cluster and firewall rule to"
+}
+
+////////////////////
+// Agones parameters
+
+// Install latest version of agones
+variable "agones_version" {
+  default = ""
+}
+
+variable "values_file" {
+  default = "../../../install/helm/agones/values.yaml"
+}
+
+variable "chart" {
+  default = "agones"
+}
+
+variable "crd_cleanup" {
+  default = "true"
+}
+
+variable "ping_service_type" {
+  default = "LoadBalancer"
+}
+
+variable "pull_policy" {
+  default = "Always"
+}
+
+variable "image_registry" {
+  default = "us-docker.pkg.dev/agones-images/release"
+}
+
+variable "always_pull_sidecar" {
+  default = "true"
+}
+
+variable "image_pull_secret" {
+  default = ""
+}
+
+variable "log_level" {
+  default = "info"
+}
+
+variable "feature_gates" {
+  default = ""
+}
+
+module "gke_autopilot_cluster" {
+  source = "../../../install/terraform/modules/gke-autopilot"
+
+  cluster = {
+    "name"     = var.name
+    "project"  = var.project
+    "location" = var.location
+    "network"  = var.network
+  }
+}
+
+module "helm_agones" {
+  source = "../../../install/terraform/modules/helm3"
+
+  agones_version         = var.agones_version
+  values_file            = var.values_file
+  chart                  = var.chart
+  feature_gates          = var.feature_gates
+  host                   = module.gke_autopilot_cluster.host
+  token                  = module.gke_autopilot_cluster.token
+  cluster_ca_certificate = module.gke_autopilot_cluster.cluster_ca_certificate
+  image_registry         = var.image_registry
+  image_pull_secret      = var.image_pull_secret
+  crd_cleanup            = var.crd_cleanup
+  ping_service_type      = var.ping_service_type
+  log_level              = var.log_level
+}
+
+output "host" {
+  value = module.gke_autopilot_cluster.host
+}
+output "token" {
+  value     = module.gke_autopilot_cluster.token
+  sensitive = true
+}
+output "cluster_ca_certificate" {
+  value = module.gke_autopilot_cluster.cluster_ca_certificate
+}