corridor/terraform-google-ggx

terraform-gcp-serverless-ggx

Terraform for running GenGuardX on Google Cloud with Cloud Run.

This repo maps the same application shape from Kubernetes onto Google Cloud serverless primitives:

  • corridor-migration as a Cloud Run Job
  • corridor-app as a public Cloud Run service
  • corridor-worker as an internal Cloud Run service with minimum instances
  • corridor-jupyter as a public Cloud Run service
  • Cloud SQL for PostgreSQL
  • Memorystore for Redis
  • Cloud Storage for shared file-backed state
  • Direct VPC egress from Cloud Run to private services
  • External HTTPS load balancer with serverless NEGs so / routes to app and /jupyter routes to Jupyter

What It Provisions

  • Cloud Run services and job
  • VPC, subnet, and private service networking
  • Cloud SQL PostgreSQL instance, database, and user
  • Memorystore Redis instance
  • Cloud Storage bucket for shared data
  • service account and IAM bindings
  • global external HTTPS load balancer

Why This Shape

The Kubernetes manifests model GenGuardX as three long-running workloads plus shared storage and ingress path routing. Cloud Run cannot reuse Kubernetes manifests directly, so this Terraform keeps the same separation of responsibilities while shifting persistence and networking to managed Google Cloud services.

Cloud Run direct VPC egress is used so the services can reach Cloud SQL and Memorystore without a connector. Cloud Storage is mounted into the services to preserve the app’s file-oriented assumptions.

Configure

Copy terraform.tfvars.example to terraform.tfvars and update:

  • project_id
  • image
  • hostname
  • db_password
  • license_key
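  • SMTP fields if email is required

db_password and license_key are secrets: keep terraform.tfvars out of version control and restrict access to the Terraform state, which records values passed to resources.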

Deploy

terraform init
terraform plan
terraform apply

After apply:

  • point your DNS record at the reserved load balancer IP
  • wait for the managed certificate to become active
  • run the corridor-migration job once, unless you prefer to execute it manually later

Notes

  • The external HTTPS load balancer in front of Cloud Run is required because the original deployment routes /jupyter separately from /.
  • The worker service is internal-only because it does not need public ingress.
  • Shared state is stored in a GCS bucket mounted into Cloud Run, which keeps the deployment cloud-native while still accommodating the application’s filesystem expectations.
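
A post-plan check for two properties this README states (direct VPC egress without a connector, and an internal-only worker with minimum instances), as an added example that is not code from this repository. It assumes the services are declared as google_cloud_run_v2_service resources whose name attribute matches the workload names above; the sample plan entries and the network name "ggx" are constructed.

```python
import json

# Assumptions (hypothetical, not from the repo): services are declared as
# google_cloud_run_v2_service and their `name` equals the README workload name.
SERVICE_TYPE = "google_cloud_run_v2_service"
WORKER = "corridor-worker"

def first(block):
    """Nested blocks appear as lists in Terraform's JSON plan; take the first."""
    return block[0] if block else {}

def check_plan(plan):
    """Return findings for Cloud Run services in a `terraform show -json` dict."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != SERVICE_TYPE or not after:
            continue  # other resource types, or a service being destroyed
        name = after.get("name") or rc.get("address")
        tmpl = first(after.get("template"))
        vpc = first(tmpl.get("vpc_access"))
        # Direct VPC egress: network_interfaces present and no connector set.
        if vpc.get("connector") or not vpc.get("network_interfaces"):
            findings.append(f"{name}: not on direct VPC egress")
        if name == WORKER:
            if after.get("ingress") != "INGRESS_TRAFFIC_INTERNAL_ONLY":
                findings.append(f"{name}: ingress {after.get('ingress')!r} is not internal-only")
            if (first(tmpl.get("scaling")).get("min_instance_count") or 0) < 1:
                findings.append(f"{name}: min_instance_count below 1")
    return findings

def sample_service(name, ingress, min_instances, vpc_access):
    """Build one constructed resource_changes entry (sample data, not real output)."""
    template = {"scaling": [{"min_instance_count": min_instances}], "vpc_access": [vpc_access]}
    return {"address": f"{SERVICE_TYPE}.{name}", "type": SERVICE_TYPE,
            "change": {"after": {"name": name, "ingress": ingress, "template": [template]}}}

DIRECT = {"connector": None, "network_interfaces": [{"network": "ggx", "subnetwork": "ggx"}]}
SAMPLE_PLAN = {"resource_changes": [
    sample_service("corridor-app", "INGRESS_TRAFFIC_ALL", 0, DIRECT),
    sample_service(WORKER, "INGRESS_TRAFFIC_ALL", 0, DIRECT),  # drifted worker
]}

if __name__ == "__main__":
    print(json.dumps(check_plan(SAMPLE_PLAN), indent=2))
```

To run it against a real plan, save one with terraform plan -out=tfplan, export it with terraform show -json tfplan, and pass the parsed JSON to check_plan.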
