Use hyperdisk balanced

joecorall · joecorall · commit 32ceefce6381 · 2025-11-28T06:27:56.000-05:00
And a couple edge case fixes
diff --git a/main.tf b/main.tf
@@ -72,23 +72,20 @@ resource "google_project_iam_member" "log" {
 
 resource "google_compute_disk" "boot" {
   # force re-create VM when cloud-init changes
-  name                      = format("cloud-compose-boot-%s-%s", var.name, md5(data.cloudinit_config.ci.rendered))
+  name                      = format("%s-boot-%s", var.name, md5(data.cloudinit_config.ci.rendered))
   project                   = var.project_id
-  type                      = "pd-ssd"
+  type                      = "hyperdisk-balanced"
   zone                      = var.zone
-  size                      = 10
+  size                      = 20
   image                     = "projects/cos-cloud/global/images/${var.os}"
   physical_block_size_bytes = 4096
 }
 
 resource "google_compute_disk" "data" {
-  name    = format("%s-data-disk", var.name)
-  project = var.project_id
-  type    = "pd-ssd"
-  zone    = var.zone
-  # to resize, extend in console or gcloud CLI
-  # then SSH into VM and run
-  # sudo resize2fs /dev/sdb
+  name                      = format("%s-data-disk", var.name)
+  project                   = var.project_id
+  type                      = "hyperdisk-balanced"
+  zone                      = var.zone
   size                      = var.disk_size_gb
   image                     = "debian-13-trixie-v20251111"
   physical_block_size_bytes = 4096
@@ -100,7 +97,7 @@ resource "google_compute_instance" "cloud-compose" {
   machine_type              = var.machine_type
   zone                      = var.zone
   allow_stopping_for_update = true
-  tags                      = ["cloud-compose", format("cloud-compose-%s", var.name)]
+  tags                      = ["cloud-compose", var.name]
   can_ip_forward            = "false"
 
   boot_disk {
@@ -148,7 +145,7 @@ resource "google_compute_instance" "cloud-compose" {
   }
 
   service_account {
-    email  = google_service_account.cloud-compose.email
+    email = google_service_account.cloud-compose.email
     scopes = [
       "https://www.googleapis.com/auth/logging.write",
       "https://www.googleapis.com/auth/monitoring.write",
diff --git a/rootfs/etc/systemd/system/internal-services.service b/rootfs/etc/systemd/system/internal-services.service
@@ -2,6 +2,8 @@
 Description=Internal Services (Ping, Metrics, Power Management)
 BindsTo=docker.service
 After=cloud-compose.service
+Requires=internal-services.timer
+After=internal-services.timer
 StartLimitIntervalSec=120
 StartLimitBurst=3
 
diff --git a/rootfs/etc/systemd/system/internal-services.timer b/rootfs/etc/systemd/system/internal-services.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Delay Internal Services until 10m after initial boot
+
+[Timer]
+OnBootSec=10min
+RuntimeMaxSec=10min
+Unit=internal-services.service
+
+[Install]
+WantedBy=timers.target
diff --git a/rootfs/home/cloud-compose/host-init.sh b/rootfs/home/cloud-compose/host-init.sh
@@ -41,19 +41,14 @@ done
   echo "GCP_PRIVATE_IP=$(jq -r '.instance.networkInterfaces[0].ip' tmp.attr)"
 } >> env.tmp
 
-# shellcheck disable=SC1091
-. ./env.tmp
-
-echo "SITE_DOCKER_REGISTRY=us-docker.pkg.dev/${GCP_PROJECT}/private" >> env.tmp
-
 if ! diff <(md5sum env.tmp) <(md5sum env); then
   mv env.tmp env
-  cp env /mnt/disks/data/compose/.env
-  if [ -d /mnt/disks/data/compose ]; then
-    cp env /mnt/disks/data/compose/.env
-  fi
+  cp env /mnt/disks/data/libops/.env
 fi
 
+# shellcheck disable=SC1091
+. ./env
+
 # generate the docker compose init/up/down commands
 # used by the systemd service
 SCRIPT_DIR="/mnt/disks/data"
@@ -68,6 +63,7 @@ for name in "${!SCRIPTS[@]}"; do
 
 set -eou pipefail
 
+echo "Running dokcer compose ${name}"
 ${SCRIPTS[${name}]}
 EOT
   chmod +x "${SCRIPT_DIR}/${name}"
diff --git a/rootfs/home/cloud-compose/init-app.sh b/rootfs/home/cloud-compose/init-app.sh
@@ -14,14 +14,9 @@ fi
 pushd "$DIR"
 git pull origin "$DOCKER_COMPOSE_BRANCH" || echo "Unable to git pull"
 
-/usr/bin/docker-credential-gcr configure-docker --registries us-docker.pkg.dev
-
 # run the docker compose init command if it exists
 /mnt/disks/data/init
 
 bash /home/cloud-compose/rollout.sh
 
-chgrp developers /mnt/disks/data/compose
-chmod g+s /mnt/disks/data/compose
-
 popd
diff --git a/rootfs/home/cloud-compose/rollout.sh b/rootfs/home/cloud-compose/rollout.sh
@@ -26,6 +26,7 @@ shopt -u nullglob
 if [ "$RESTART" -eq 1 ]; then
   SERVICE=$(grep -sl "WorkingDirectory=$DIR" /etc/systemd/system/*.service | xargs basename)
   if [ -n "$SERVICE" ]; then
+    echo "Restarting $SERVICE"
     systemctl restart "$SERVICE"
   fi
 fi
diff --git a/templates/cloud-init.yml b/templates/cloud-init.yml
@@ -3,8 +3,6 @@
 users:
 - name: cloud-compose
   shell: /bin/bash
-groups:
-  - developers
 
 bootcmd:
 - fsck.ext4 -tvy $(readlink -f /dev/disk/by-id/google-data) || mkfs.ext4 -m 0 -E lazy_itable_init=0,lazy_journal_init=0,discard $(readlink -f /dev/disk/by-id/google-data)
@@ -22,6 +20,5 @@ runcmd:
 - bash /home/cloud-compose/host-conf.sh
 - bash /home/cloud-compose/host-init.sh
 - bash /home/cloud-compose/init-app.sh
-- systemctl start cloud-compose.service
-- systemctl start internal-services.service
+- systemctl start internal-services.timer
 - systemctl start cron.timer
diff --git a/variables.tf b/variables.tf
@@ -27,13 +27,34 @@ variable "name" {
 
 variable "machine_type" {
   type        = string
-  default     = "e2-medium"
-  description = "VM machine type"
+  default     = "n4-standard-2"
+  description = "VM machine type (General-purpose series that support Hyperdisk Balanced"
+
+  validation {
+    condition = contains([
+      "n4-standard-2",
+      "n4-standard-4",
+      "n4-standard-8",
+      "n4-standard-16",
+      "n4-standard-32",
+      "n4-standard-48",
+      "n4-standard-64",
+      "n4-standard-80",
+      "c4-standard-2",
+      "c4-standard-4",
+      "c4-standard-8",
+      "c4-standard-16",
+      "c4-standard-32",
+      "c4-standard-48",
+      "c4-standard-96",
+    ], var.machine_type)
+    error_message = "The 'machine_type' must be from a General-Purpose family that supports Hyperdisk Balanced (C4, or N4 series)"
+  }
 }
 
 variable "disk_size_gb" {
   type        = number
-  default     = 25
+  default     = 50
   description = "Data disk size in GB"
 }
 
