create worker service with lb

jamalc · jamalc · commit 256952e251bd · 2025-02-06T20:45:33.000Z
diff --git a/terraform/modules/deployment/main.tf b/terraform/modules/deployment/main.tf
@@ -42,32 +42,33 @@ module "migrate" {
   cloudrun_service_account_email    = module.iam.cloudrun_service_account_email
 }
 
-module "webapp" {
-  source = "../service"
-
-  name          = "webapp"
-  project       = var.project
-  environment   = var.environment
-  region        = var.region
-  image         = var.webapp_image
-  database_name = var.database_name
-
-  database_password_secret_id       = module.database.password_secret_id
-  database_instance_connection_name = module.database.instance_connection_name
-  database_instance_private_ip      = module.database.instance_private_ip
-  network_id                        = module.network.network_id
-  subnetwork_id                     = module.network.subnetwork_id
-  cloudrun_service_account_email    = module.iam.cloudrun_service_account_email
+locals {
+  services = [
+    {
+      name  = "webapp"
+      image = var.webapp_image
+    },
+    {
+      name  = "frontend"
+      image = var.frontend_image
+    },
+    {
+      name  = "worker"
+      image = var.webapp_image
+    }
+  ]
 }
 
-module "frontend" {
+module "services" {
+  for_each = { for s in local.services : s.name => s }
+
   source = "../service"
 
-  name          = "frontend"
+  name          = each.value.name
   project       = var.project
   environment   = var.environment
   region        = var.region
-  image         = var.frontend_image
+  image         = each.value.image
   database_name = var.database_name
 
   database_password_secret_id       = module.database.password_secret_id
@@ -86,3 +87,46 @@ module "load_balancer" {
   region      = var.region
   domain      = var.domain
 }
+
+resource "google_compute_global_address" "worker_lb_ip" {
+  name         = "${var.environment}-tf-cr-lb-1-address"
+  address_type = "EXTERNAL"
+}
+
+# Create a load balancer for the worker service, separate from the frontend and webapp services
+module "worker_lb" {
+  source  = "terraform-google-modules/lb-http/google//modules/serverless_negs"
+  version = "~> 12.0"
+
+  project = var.project
+  name    = "${var.environment}-tf-cr-lb-1"
+
+  address                         = google_compute_global_address.worker_lb_ip.address
+  create_address                  = false
+  ssl                             = true
+  managed_ssl_certificate_domains = [var.domain]
+  https_redirect                  = true
+
+  backends = {
+    "${var.environment}-worker" = {
+      description = "Cloud Run worker"
+      groups      = []
+      serverless_neg_backends = [{
+        region : var.region,
+        type : "cloud-run",
+        service : {
+          name : "${var.environment}-worker",
+        }
+      }]
+
+      enable_cdn = false
+
+      iap_config = {
+        enable = true
+      }
+      log_config = {
+        enable = false
+      }
+    }
+  }
+}
