Terraform CDK code for Flight Controller's GCP infrastructure
GCP's infrastructure deployment is divided in two parts viz. base_gcp_infra and main_gcp_infra. Reason being we need to setup Artifact registry first before uploading the container image and creating a Cloud Run service using the same image.
Here are the components built in stage base_gcp_infra:
- Enable relevant API's
- Service Accounts
- Artifact Registry
Subsequently, following components are built in stage main_gcp_infra:
- Bigquery datasets and tables
- PubSub topic
- EventArc trigger
- Cloud Run service (for event receiver)
- Cloud Run service (for Grafana)
- Load balancing components (NEG, URLMap, Frontend, backend, Global address)
- Authenticate to Google Cloud and set the correct project using
gcloud config set project $MY_PROJECT_ID - Synth, plan and deploy both infra & Grafana Dashboard.
make gcp-synthmake gcp-plan-allmake gcp-deploy-all
make gcp-build-dependenciesinstall gcp build dependenciesmake gcp-build-imagebuild the docker image for cloud runmake gcp-synthcdktf synth the all the stacksmake gcp-plan-basecdktf plan the base stackmake gcp-plan-corecdktf plan the core stackmake gcp-plan-grafanacdktf plan the grafana stackmake gcp-plan-allcdktf plan all stacksmake gcp-deploy-basecdktf deploy the base stackmake gcp-deploy-corecdktf deploy the core_stackmake gcp-deploy-grafanacdktf deploy the grafana stackmake gcp-deploy-allcdktf deploy all stacksmake gcp-destroy-basecdktf destroy the base stackmake gcp-destroy-corecdktf destroy core stackmake gcp-destroy-grafanacdktf destroy grafana stackmake gcp-destroy-allcdktf destroy all stacksmake gcp-testgcp specific testsmake gcp-e2egcp specific end to end tests
WHilst writing this, running Grafana with Identiy-Aware Proxy is work in progress due to Cognizant integration. Therefore, accessing Grafana from the Cloud Run is not possible.
As a workaround, it is recommended to run the Grafana container locally using the below image on PORT: 3000:
mirror.gcr.io/grafana/grafana:latest
- Open the side menu by clicking the Grafana icon in the top header.
- In the side menu under
Configurationyou should find a link namedPlugins. - Type
BigQueryin the search bar - Select Google BigQuery by "doitintl" from the list.
- Finally, click on
Install
There are two ways to authenticate the BigQuery plugin - either by uploading a Google JWT file, or by automatically retrieving credentials from Google's metadata server. The latter is only available when running Grafana on a GCE virtual machine.
Create a GCP Service Account for a Project
-
Navigate to the
APIs & Services Credentialspage. -
Click on
Create credentialsand chooseService account key.
-
On the Create service account key page, choose key type
JSON. Then in the Service Account dropdown, choose theNew service accountoption:
-
Some new fields will appear. Fill in a name for the service account in the
Service account namefield and then choose theBigQuery Data ViewerandBigQuery Job Userroles from the Role dropdown:
-
Click the
Createbutton. A JSON key file will be created and downloaded to your computer. Store this file in a secure place as it allows access to your BigQuery data. -
Upload it to Grafana on the datasource Configuration page. You can either upload the file or paste in the contents of the file.
-
The file contents will be encrypted and saved in the Grafana database. Don't forget to save after uploading the file!
A dashboard in Grafana is represented by a JSON object, which stores metadata of its dashboard.
You can create a dashboard by simply uploading the dashboard.json file located within the infrastructure/gcp folder:
- Open the side menu by clicking the Grafana icon in the top header.
- In the side menu under
Dashboardsyou should find a link namedImport. - Upload the
dashboard.jsonfile - Finally, click on
Load
This will create the Dashboard. In case, you decide to add new panels manually, remember to update the dahboard.json file and commit it along with the source code. This way, everyone can have the same view of dashboard.