-
Notifications
You must be signed in to change notification settings - Fork 827
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
terraform/k8s-infra-kubernetes-io: manage k8s-infra-sandbox-capg budget #2940
Conversation
|
A module to manage organization-level resources, including: - a project to use for APIs that only make sense to be enabled in the context of org management, like billing or orgpolicy - a lien on kubernetes-public to make sure it's not accidentally deleted, as a demonstration of how we could use liens - a budget for k8s-infra-sandbox-capg Setting up the project required a little bit of a manual work, because in order for terraform to use a project for billing purposes, the project needs to already exist and have certain services enabled. This involved: - commenting out "user_project_override" to use a gcloud project with cloudresourcemanager and serviceusage APIs enabled - commenting out terraform resources that weren't directly related to the creation/services of the k8s-infra-kubernetes-io project - running terraform apply - uncommenting everything - running terraform apply again This was necessary because the Google Cloud billing budgets API does not work with user credentials (which is how we've been authenticating and using terraform thus far)
1dc4497
to
0beacba
Compare
$3M/y / 12 mo/y = $250K/mo, alert at 90% (225K) and 100%
Added a monthly budget for k8s-infra as a whole, we'll get e-mail alerts if we hit 90% (225K) for the month, which we have been. |
/approve thanks @spiffxp please remove hold when ready |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Terraform LGTM (gonna start trying to help out more with infra, starting with reviews)
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dims, endocrimes, spiffxp The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold cancel |
/lgtm |
data "google_monitoring_notification_channel" "sig_k8s_infra_leads" { | ||
project = data.google_project.kubernetes_public.project_id | ||
display_name = "[email protected]" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not directly manage this with Terraform ? (use a resource)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And I think Steering should be get notified when the threshold reach a critical percentage of the budget defined
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll tackle these in a followup
Related:
A module to manage organization-level resources, including:
context of org management, like billing or orgpolicy
deleted, as a demonstration of how we could use liens
Setting up the project required a little bit of a manual work, because
in order for terraform to use a project for billing purposes, the
project needs to already exist and have certain services enabled. This
involved:
cloudresourcemanager and serviceusage APIs enabled
the creation/services of the k8s-infra-kubernetes-io project
This was necessary because the Google Cloud billing budgets API does not
work with user credentials (which is how we've been authenticating and
using terraform thus far), ref: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/billing_budget