A Terraform module which deploys a Snowplow Iglu Server application on Google running on top of Compute Engine. If you want to use a custom image for this deployment you will need to ensure it is based on top of Ubuntu 20.04.
This module by default collects and forwards telemetry information to Snowplow to understand how our applications are being used. No identifying information about your sub-account or account fingerprints are ever forwarded to us - it is very simple information about what modules and applications are deployed and active.
If you wish to subscribe to our mailing list for updates to these modules or security advisories please set the user_provided_id variable to include a valid email address which we can reach you at.
To disable telemetry simply set variable telemetry_enabled = false.
For details on what information is collected please see this module: https://github.com/snowplow-devops/terraform-snowplow-telemetry
The Iglu Server stack requires a Load Balancer and a Postgres instance to save information into for its backend. Here we are using several managed modules to facilitate this requirement but you can also sub in your own Postgres Host and Load Balancer if you prefer to do so.
locals {
iglu_db_name = "iglu"
iglu_db_username = "iglu"
# Keep this secret!!
iglu_db_password = "Hell0W0rld!"
# Used for API actions on the Iglu Server. Keep this secret!!
iglu_super_api_key = "2f48ad70-b70c-4f58-af3b-f19d8b7706e1"
}
module "iglu_db" {
source = "snowplow-devops/cloud-sql/google"
version = "0.3.0"
name = "iglu-db"
region = local.region
db_name = local.iglu_db_name
db_username = local.iglu_db_username
db_password = local.iglu_db_password
}
module "iglu_server" {
source = "snowplow-devops/iglu-server-ce/google"
accept_limited_use_license = true
name = "iglu-server"
project_id = "<project_id>"
network = var.network
subnetwork = var.subnetwork
region = var.region
ssh_ip_allowlist = ["0.0.0.0/0"]
ssh_key_pairs = []
db_instance_name = module.iglu_db.connection_name
db_port = module.iglu_db.port
db_name = local.iglu_db_name
db_username = local.iglu_db_username
db_password = local.iglu_db_password
super_api_key = local.iglu_super_api_key
}
module "iglu_lb" {
source = "snowplow-devops/lb/google"
version = "0.3.0"
name = "iglu-lb"
instance_group_named_port_http = module.iglu_server.named_port_http
instance_group_url = module.iglu_server.instance_group_url
health_check_self_link = module.iglu_server.health_check_self_link
}| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| >= 3.90 |
| Name | Version |
|---|---|
| >= 3.90 |
| Name | Source | Version |
|---|---|---|
| service | snowplow-devops/service-ce/google | 0.1.0 |
| telemetry | snowplow-devops/telemetry/snowplow | 0.5.0 |
| Name | Type |
|---|---|
| google_compute_firewall.egress | resource |
| google_compute_firewall.ingress | resource |
| google_compute_firewall.ingress_ssh | resource |
| google_project_iam_member.sa_cloud_sql_client | resource |
| google_project_iam_member.sa_logging_log_writer | resource |
| google_service_account.sa | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| db_name | The name of the database to connect to | string |
n/a | yes |
| db_password | The password to use to connect to the database | string |
n/a | yes |
| db_port | The port the database is running on | number |
n/a | yes |
| db_username | The username to use to connect to the database | string |
n/a | yes |
| name | A name which will be pre-pended to the resources created | string |
n/a | yes |
| network | The name of the network to deploy within | string |
n/a | yes |
| project_id | The project ID in which the stack is being deployed | string |
n/a | yes |
| region | The name of the region to deploy within | string |
n/a | yes |
| super_api_key | A UUIDv4 string to use as the master API key for Iglu Server management | string |
n/a | yes |
| accept_limited_use_license | Acceptance of the SLULA terms (https://docs.snowplow.io/limited-use-license-1.0/) | bool |
false |
no |
| app_version | App version to use. This variable facilitates dev flow, the modules may not work with anything other than the default value. | string |
"0.12.0" |
no |
| associate_public_ip_address | Whether to assign a public ip address to this instance; if false this instance must be behind a Cloud NAT to connect to the internet | bool |
true |
no |
| db_host | The hostname of the database to connect to (Note: if db_instance_name is non-empty this setting is ignored) | string |
"" |
no |
| db_instance_name | The instance name of the CloudSQL instance to connect to (Note: if set db_host will be ignored and a proxy established instead) | string |
"" |
no |
| gcp_logs_enabled | Whether application logs should be reported to GCP Logging | bool |
true |
no |
| health_check_path | The path to bind for health checks | string |
"/api/meta/health" |
no |
| ingress_port | The port that the iglu server will be bound to and expose over HTTP | number |
8080 |
no |
| java_opts | Custom JAVA Options | string |
"-XX:InitialRAMPercentage=75 -XX:MaxRAMPercentage=75" |
no |
| labels | The labels to append to this resource | map(string) |
{} |
no |
| machine_type | The machine type to use | string |
"e2-small" |
no |
| network_project_id | The project ID of the shared VPC in which the stack is being deployed | string |
"" |
no |
| patches_allowed | Whether or not patches are allowed for published Iglu Schemas | bool |
true |
no |
| ssh_block_project_keys | Whether to block project wide SSH keys | bool |
true |
no |
| ssh_ip_allowlist | The list of CIDR ranges to allow SSH traffic from | list(any) |
[ |
no |
| ssh_key_pairs | The list of SSH key-pairs to add to the servers | list(object({ |
[] |
no |
| subnetwork | The name of the sub-network to deploy within; if populated will override the 'network' setting | string |
"" |
no |
| target_size | The number of servers to deploy | number |
1 |
no |
| telemetry_enabled | Whether or not to send telemetry information back to Snowplow Analytics Ltd | bool |
true |
no |
| ubuntu_20_04_source_image | The source image to use which must be based of of Ubuntu 20.04; by default the latest community version is used | string |
"" |
no |
| user_provided_id | An optional unique identifier to identify the telemetry events emitted by this stack | string |
"" |
no |
| Name | Description |
|---|---|
| health_check_id | Identifier for the health check on the instance group |
| health_check_self_link | The URL for the health check on the instance group |
| instance_group_url | The full URL of the instance group created by the manager |
| manager_id | Identifier for the instance group manager |
| manager_self_link | The URL for the instance group manager |
| named_port_http | The name of the port exposed by the instance group |
| named_port_value | The named port value (e.g. 8080) |
Copyright 2021-present Snowplow Analytics Ltd.
Licensed under the Snowplow Limited Use License Agreement. (If you are uncertain how it applies to your use case, check our answers to frequently asked questions.)