Add Terraform deployment scripts for GCE. (#33)

.idea

*.iml

install/cloud/**/*.json

install/cloud/**/*.tfvars

### Go ###

# Compiled Object files, Static and Dynamic libs (Shared Objects)

## Run Nakama with Google Compute Engine

These instructions show how to deploy Nakama and CockroachDB in Compute Engine on Google Cloud. The provisioner scripts are written in [Terraform](https://www.terraform.io) and automate the setup and deployment of the server resources.

The scripts define variables which must be configured for your deployment. These variables should be configured in a file you'd create called `myproject.tfvars`:

```

gce_project_name = "myproject"

gce_region = "us-east1"

gce_region_zone = "us-east1-b"

gce_ssh_user = "root"

gce_ssh_public_key_file = "your/id_rsa.pub"

gce_ssh_private_key_file = "your/id_rsa"

app_nakama_version = "0.11.2"

app_cockroachdb_version = "beta-20170209"

app_machine_type = "g1-small"

```

You'll also need an `account.json` used to describe your account credentials downloaded from Google Cloud Console. Have a look at the [configuration reference](https://www.terraform.io/docs/providers/google/index.html#configuration-reference) in Terraform's provider docs for more info.

If you need any help or have any questions join our [community channel](https://gitter.im/heroiclabs/nakama) and speak to an engineer or [open an issue](https://github.com/heroiclabs/nakama).

### Full workflow

To provision and deploy a minimal cluster:

1. Create a file named `myproject.tfvars` with the content above.

   Update `"gce_project_name"`, `"gce_ssh_public_key_file"`, and `"gce_ssh_private_key_file"` with your settings.

2. Set the rest of the variables to the values you'd like to use to provision resources in Google Cloud. For example you might want to use an "n1-standard-1" instance rather than "g1-small".

3. You can inspect the resources which will be provisioned:

   ```

   terraform plan --var-file myproject.tfvars

   ```

4. You can apply the resources which will be provisioned:

   ```

   terraform apply --var-file myproject.tfvars

   ```

5. When complete it will include output which shows the public IP of your provisioned Nakama and CockroachDB instance:

   ```

   Outputs:

   instance_ips = 10.100.40.100

   public_ip = 10.100.39.110

   ```

6. The `instance_ips` contain the list of IP addresses which can be reached via a [Nakama client](https://heroiclabs.com/docs/clients/).

/*

 * Copyright 2017 The Nakama Authors

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

terraform {

  required_version = ">= 0.8, < 0.9"

}

provider "google" {

  project     = "${var.gce_project_name}"

  region      = "${var.gce_region}"

  credentials = "${file("account.json")}"

}

resource "google_compute_address" "api" {

  name = "api-address"

}

resource "google_compute_target_pool" "api" {

  name          = "api-target-pool"

  instances     = ["${google_compute_instance.api.*.self_link}"]

  health_checks = ["${google_compute_http_health_check.healthcheck.name}"]

}

resource "google_compute_http_health_check" "healthcheck" {

  name                = "api-healthcheck"

  port                = 8081

  request_path        = "/v0/health"

  check_interval_sec  = 5

  healthy_threshold   = 1

  unhealthy_threshold = 3

  timeout_sec         = 2

}

resource "google_compute_firewall" "api" {

  name    = "api-firewall"

  network = "default"

  allow {

    protocol = "icmp"

  }

  allow {

    protocol = "tcp"

    ports    = ["22", "80", "443"]

  }

  source_ranges = ["0.0.0.0/0"]

  target_tags   = ["api-node"]

}

resource "google_compute_disk" "default" {

  name = "api-disk"

  type = "pd-ssd"

  zone = "${var.gce_region_zone}"

  size = 10

}

resource "google_compute_instance" "api" {

  count        = 1

  name         = "api-node-${count.index}"

  machine_type = "${var.app_machine_type}"

  zone         = "${var.gce_region_zone}"

  tags         = ["api-node"]

  disk {

    image = "ubuntu-os-cloud/ubuntu-1604-lts"

  }

  disk {

    disk = "${google_compute_disk.default.name}"

  }

  network_interface {

    network = "default"

    access_config {} # Ephemeral

  }

  service_account {

    scopes = ["userinfo-email", "compute-ro", "storage-ro"]

  }

  metadata {

    ssh-keys = "${var.gce_ssh_user}:${file(var.gce_ssh_public_key_file)}"

  }

  provisioner "file" {

    connection {

      user        = "${var.gce_ssh_user}"

      private_key = "${file(var.gce_ssh_private_key_file)}"

      agent       = false

      timeout     = "30s"

    }

    source      = "systemd/"

    destination = "/etc/systemd/system"

  }

  provisioner "remote-exec" {

    connection {

      user        = "${var.gce_ssh_user}"

      private_key = "${file(var.gce_ssh_private_key_file)}"

      agent       = false

      timeout     = "30s"

    }

    inline = [

      "cd /home/ubuntu",

      # Setup cockroachdb

      "wget --no-verbose https://binaries.cockroachdb.com/cockroach-${var.app_cockroachdb_version}.linux-amd64.tgz",

      "tar zxvf cockroach-${var.app_cockroachdb_version}.linux-amd64.tgz",

      "chmod +x ./cockroach-${var.app_cockroachdb_version}.linux-amd64/cockroach",

      "ln -s ./cockroach-${var.app_cockroachdb_version}.linux-amd64/cockroach /home/ubuntu/cockroach",

      "systemctl start cockroach",

      # Setup nakama

      "wget --no-verbose https://github.com/heroiclabs/nakama/releases/download/v${var.app_nakama_version}/nakama-${var.app_nakama_version}-linux-amd64.tar.gz",

      "mkdir -p nakama-${var.app_nakama_version}-linux-amd64",

      "tar zxvf nakama-${var.app_nakama_version}-linux-amd64.tar.gz -C nakama-${var.app_nakama_version}-linux-amd64",

      "chmod +x ./nakama-${var.app_nakama_version}-linux-amd64/nakama",

      "ln -s ./nakama-${var.app_nakama_version}-linux-amd64/nakama",

      "./nakama migrate up --db root@127.0.0.1:26257",

      "systemctl start nakama"

    ]

  }

}

/*

 * Copyright 2017 The Nakama Authors

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

output "public_ip" {

  value = "${google_compute_address.api.address}"

}

output "instance_ips" {

  value = "${join(" ", google_compute_instance.api.*.network_interface.0.access_config.0.assigned_nat_ip)}"

}

[Unit]

Description=CockroachDB server

ConditionPathExists=/home/ubuntu/cockroach

Wants=network.target

After=network.target

[Service]

ExecStart=/home/ubuntu/cockroach start --insecure --store=attrs=ssd,path=/home/ubuntu/cockroach-store

Restart=always

RestartSec=3

TimeoutSec=6

LimitNOFILE=1048576:1048576

LimitNPROC=1048576:1048576

[Install]

WantedBy=multi-user.target