Added var.service_port to allow customization of port listening on …

…the private network.
nullstone-modules · Mar 27, 2024 · 8a5e812 · 8a5e812
1 parent a4c07e2
commit 8a5e812
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 17 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+# 0.6.14 (Mar 27, 2024)
+* Added `var.service_port` to allow customization of port listening on the private network.
+
 # 0.6.13 (Mar 27, 2024)
 * Fixed more syntax mistakes with iterators on deployment volumes.
 

diff --git a/app.tf b/app.tf
@@ -17,6 +17,6 @@ locals {
     service_account_email = google_service_account.app.email
     service_name          = local.service_name
     service_port          = local.service_port
-    internal_subdomain    = var.port == 0 ? "" : "${local.block_name}.${local.kubernetes_namespace}.svc.cluster.local"
+    internal_subdomain    = var.container_port == 0 ? "" : "${local.block_name}.${local.kubernetes_namespace}.svc.cluster.local"
   })
 }
diff --git a/deployment.tf b/deployment.tf
@@ -100,7 +100,7 @@ resource "kubernetes_deployment_v1" "this" {
               timeout_seconds       = 1
 
               tcp_socket {
-                port = var.port
+                port = var.container_port
               }
             }
           }
@@ -116,13 +116,13 @@ resource "kubernetes_deployment_v1" "this" {
               timeout_seconds       = 1
 
               tcp_socket {
-                port = var.port
+                port = var.container_port
               }
             }
           }
 
           dynamic "port" {
-            for_each = var.port > 0 ? [var.port] : []
+            for_each = var.container_port > 0 ? [var.container_port] : []
 
             content {
               container_port = port.value

diff --git a/outputs.tf b/outputs.tf
@@ -39,7 +39,6 @@ output "deployer" {
   sensitive   = true
 }
 
-
 output "main_container_name" {
   value       = local.main_container_name
   description = "string ||| The name of the container definition for the main service container"

diff --git a/service.tf b/service.tf
@@ -1,6 +1,6 @@
 locals {
-  has_service  = var.port == 0 ? false : true
-  service_name = var.port == 0 ? "" : local.app_name
+  has_service  = var.service_port == 0 || var.container_port == 0 ? false : true
+  service_name = local.has_service ? "" : local.app_name
 }
 
 resource "kubernetes_service_v1" "this" {
@@ -22,8 +22,8 @@ resource "kubernetes_service_v1" "this" {
     selector = local.match_labels
 
     port {
-      port        = local.service_port
-      target_port = var.port
+      port        = var.service_port
+      target_port = var.container_port
     }
   }
 }
diff --git a/variables.tf b/variables.tf
@@ -36,19 +36,24 @@ variable "replicas" {
   default     = 1
 }
 
-variable "port" {
+variable "container_port" {
   type        = number
-  default     = 80
+  default     = 8080
   description = <<EOF
-The port that the service is listening on.
-This is set to port 80 by default; however, if the service in the container is a non-root user,
-the service will fail due to bind due to permission errors.
-Specify 0 to disable network connectivity to this container.
+Set your container to listen on this port.
+By default, this is set to 8080.
+You cannot bind to a port <1024 a you will get permission errors.
 EOF
 }
 
-locals {
-  service_port = 80
+variable "service_port" {
+  type        = number
+  default     = 80
+  description = <<EOF
+Other services on the network can reach this app via `<app_name>:<service_port>`.
+`service_port` is mapped to `container_port`.
+Specify 0 to disable network connectivity to this app.
+EOF
 }
 
 variable "readiness_delay" {