feat: GCP Terraform Phase 1 infrastructure #3448
wilsonhoe wants to merge 1 commit into Sifchain:master from
5 modules: VPC, GKE, Cloud SQL, Load Balancer, Monitoring. Includes dev/prod environments and documentation. Note: .terraform directories excluded (binaries >100MB).
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c551d5ba5d
| # Disable default node pool - we define our own below | ||
| initial_node_count = 1 |
Remove default node pool from the GKE cluster
This cluster never sets remove_default_node_pool = true, so GKE will keep the default node pool in addition to validator_pool. That leaves extra untainted nodes running (unexpected cost and scheduling behavior) even though the module comment says the default pool is disabled. Add remove_default_node_pool = true on the cluster resource to make the dedicated validator pool behavior match the intended design.
| filter = "metric.type=\"kubernetes.io/container/memory/used_bytes\" resource.type=\"k8s_container\"${local.cluster_filter != "" ? " AND ${local.cluster_filter}" : ""}" | ||
| duration = "300s" | ||
| comparison = "COMPARISON_GT" | ||
|
|
||
| threshold_value = 0.85 |
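Review bot: when `local.cluster_filter` is the empty string, the conditional in this hunk's `filter` drops the `AND` clause entirely, so the condition matches every `k8s_container` in the project rather than only the validator cluster's containers; either make the cluster filter a required input so the fallback branch can never be taken, or document that an empty filter intentionally scopes the policy project-wide.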
Use a byte-based threshold or utilization metric for memory alert
The policy compares kubernetes.io/container/memory/used_bytes against 0.85, but this metric is measured in bytes, so nearly every running container exceeds 0.85 bytes and the alert will fire continuously. This creates persistent false positives and makes the alert unusable. Use a bytes threshold appropriate for your workloads or switch to a utilization/ratio metric before applying a percent-style threshold.
| resource "google_compute_backend_service" "this" { | ||
| name = "${var.name}-backend" | ||
| project = var.project_id | ||
|
|
||
| protocol = "HTTP" |
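Review bot: `protocol = "HTTP"` on the backend service means the hop from the load balancer proxy to the backends is plaintext even when the frontend terminates TLS; if the backends can serve TLS, set `protocol = "HTTPS"` (or `"HTTP2"`) together with a matching HTTPS health check, otherwise note in the module documentation that the proxy-to-backend hop is deliberately unencrypted.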
Set backend service to EXTERNAL_MANAGED for this load balancer
The forwarding rules are configured with load_balancing_scheme = "EXTERNAL_MANAGED", but the backend service leaves load_balancing_scheme unset (defaulting to classic EXTERNAL). This mixes classic and external managed ALB components and causes creation/update failures when wiring the URL map/proxy/backend together. Set the backend service scheme explicitly to EXTERNAL_MANAGED (or consistently use classic EXTERNAL everywhere).
Summary
Implements Phase 1 GCP infrastructure for Sifnode using Terraform.
Modules Implemented
Environments
environments/dev/ - Development configuration
environments/prod/ - Production configuration
Validation
terraform fmt passes
terraform validate passes for all environments
Bounty: Sifnode Google Cloud Platform