Managing Cloud Tasks with Terraform

Learn how to set up and manage Google Cloud Tasks using Terraform

In this guide, we’ll explore how to manage Google Cloud Tasks using Terraform.

Prerequisites

  • Google Cloud SDK installed and configured
  • Terraform installed (version 1.0.0 or later)
  • A GCP project with billing enabled

Provider Configuration

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 4.0"
    }
  }
}

provider "google" {
  project = var.project_id
  region  = var.region
}

Variables

variable "project_id" {
  description = "The ID of the GCP project"
  type        = string
}

variable "region" {
  description = "The region to deploy resources to"
  type        = string
  default     = "us-central1"
}

variable "location_id" {
  description = "The location for the queue"
  type        = string
  default     = "us-central1"
}

Queue Configuration

resource "google_cloud_tasks_queue" "default" {
  name     = "default-queue"
  location = var.location_id

  rate_limits {
    max_concurrent_dispatches = 3
    max_dispatches_per_second = 5
  }

  retry_config {
    max_attempts = 5
    max_retry_duration = "4s"
    min_backoff = "2s"
    max_backoff = "3s"
    max_doublings = 1
  }

  stackdriver_logging_config {
    sampling_ratio = 0.9
  }
}

HTTP Target Queue Configuration

resource "google_cloud_tasks_queue" "http_queue" {
  name     = "http-queue"
  location = var.location_id

  rate_limits {
    max_concurrent_dispatches = 10
    max_dispatches_per_second = 500
  }

  retry_config {
    max_attempts = 5
    max_retry_duration = "4s"
    min_backoff = "1s"
    max_backoff = "10s"
    max_doublings = 2
  }

  stackdriver_logging_config {
    sampling_ratio = 1.0
  }
}

App Engine Queue Configuration

resource "google_cloud_tasks_queue" "appengine_queue" {
  name     = "appengine-queue"
  location = var.location_id

  app_engine_routing_override {
    service  = "default"
    version  = "v1"
    instance = "instance-1"
  }

  rate_limits {
    max_concurrent_dispatches = 5
    max_dispatches_per_second = 100
  }

  retry_config {
    max_attempts = 10
    max_retry_duration = "4s"
    min_backoff = "1s"
    max_backoff = "10s"
    max_doublings = 3
  }
}

Dead Letter Queue Configuration

resource "google_cloud_tasks_queue" "dlq" {
  name     = "dead-letter-queue"
  location = var.location_id

  rate_limits {
    max_concurrent_dispatches = 1
    max_dispatches_per_second = 1
  }

  retry_config {
    max_attempts = 0
  }

  stackdriver_logging_config {
    sampling_ratio = 1.0
  }
}

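# Nothing in this queue's configuration points at dead-letter-queue:
# google_cloud_tasks_queue has no dead-letter argument, so moving failed
# tasks into dead-letter-queue is left to the task handler.
resource "google_cloud_tasks_queue" "main_with_dlq" {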
  name     = "main-queue-with-dlq"
  location = var.location_id

  rate_limits {
    max_concurrent_dispatches = 5
    max_dispatches_per_second = 100
  }

  retry_config {
    max_attempts = 5
    max_retry_duration = "4s"
    min_backoff = "1s"
    max_backoff = "10s"
    max_doublings = 2
  }

  stackdriver_logging_config {
    sampling_ratio = 1.0
  }
}

IAM Configuration

resource "google_service_account" "task_handler" {
  account_id   = "task-handler"
  display_name = "Task Handler Service Account"
}

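# iam_binding is authoritative for this role on this queue: any member of
# roles/cloudtasks.enqueuer on default-queue that is not listed here is removed.
resource "google_cloud_tasks_queue_iam_binding" "binding" {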
  name     = google_cloud_tasks_queue.default.name
  location = var.location_id
  role     = "roles/cloudtasks.enqueuer"
  members  = [
    "serviceAccount:${google_service_account.task_handler.email}",
  ]
}

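# Project-level grant: these roles apply to every queue in the project, so
# roles/cloudtasks.enqueuer here already covers default-queue and makes the
# queue-level binding above redundant.
resource "google_project_iam_member" "task_handler_roles" {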
  for_each = toset([
    "roles/cloudtasks.enqueuer",
    "roles/cloudtasks.viewer"
  ])
  
  project = var.project_id
  role    = each.key
  member  = "serviceAccount:${google_service_account.task_handler.email}"
}
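
A queue-scoped alternative to the project-level grant above, as an added example that is not part of the original guide. It would replace both google_cloud_tasks_queue_iam_binding.binding and google_project_iam_member.task_handler_roles; the names handler_enqueue_queues, queue_enqueuer and task_handler_viewer are assumptions.

```hcl
# Added example (not from the original guide): enqueue rights are granted per
# queue, and only the read-only role stays at project level.

locals {
  # Assumed name. List only the queues the handler really has to enqueue into.
  handler_enqueue_queues = {
    default = google_cloud_tasks_queue.default
    http    = google_cloud_tasks_queue.http_queue
  }
}

# iam_member is additive: it adds one member to one role on one queue and
# leaves other members of that role in place. Do not combine it with an
# iam_binding for the same role on the same queue.
resource "google_cloud_tasks_queue_iam_member" "queue_enqueuer" {
  for_each = local.handler_enqueue_queues

  project  = var.project_id
  location = each.value.location
  name     = each.value.name
  role     = "roles/cloudtasks.enqueuer"
  member   = "serviceAccount:${google_service_account.task_handler.email}"
}

# Read-only visibility can stay project-wide; it cannot create or modify tasks.
resource "google_project_iam_member" "task_handler_viewer" {
  project = var.project_id
  role    = "roles/cloudtasks.viewer"
  member  = "serviceAccount:${google_service_account.task_handler.email}"
}
```

With this layout the service account cannot enqueue into appengine-queue, dead-letter-queue or main-queue-with-dlq unless they are added to the map.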

Monitoring Configuration

resource "google_monitoring_alert_policy" "queue_depth" {
  display_name = "Queue Depth Alert"
  combiner     = "OR"

  conditions {
    display_name = "High Queue Depth"
    condition_threshold {
      filter     = "metric.type=\"cloudtasks.googleapis.com/queue/depth\" AND resource.type=\"cloud_tasks_queue\""
      duration   = "300s"
      comparison = "COMPARISON_GT"
      threshold_value = 1000

      trigger {
        count = 1
      }

      aggregations {
        alignment_period   = "60s"
        per_series_aligner = "ALIGN_MEAN"
      }
    }
  }

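  notification_channels = [google_monitoring_notification_channel.email.name]
}

# The alert policy references this channel, so it has to be defined for the
# configuration to validate. var.alert_email is an assumed variable name.
variable "alert_email" {
  description = "Email address that receives queue alerts"
  type        = string
}

resource "google_monitoring_notification_channel" "email" {
  display_name = "Queue Alerts Email"
  type         = "email"

  labels = {
    email_address = var.alert_email
  }
}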

Outputs

output "default_queue_name" {
  value       = google_cloud_tasks_queue.default.name
  description = "The name of the default queue"
}

output "http_queue_name" {
  value       = google_cloud_tasks_queue.http_queue.name
  description = "The name of the HTTP queue"
}

output "service_account_email" {
  value       = google_service_account.task_handler.email
  description = "The email of the task handler service account"
}

Best Practices

  1. Queue Configuration:

    • Set rate limits
    • Configure retries
    • Use DLQ
    • Monitor depth
  2. Security:

    • Use service accounts
    • Limit permissions
    • Regular audits
    • Monitor access
  3. Performance:

    • Optimize rates
    • Monitor latency
    • Track failures
    • Regular testing
  4. Cost Optimization:

    • Monitor usage
    • Optimize rates
    • Clean up tasks
    • Regular review

Common Operations

Creating Resources

terraform init
terraform plan
terraform apply

Queue Operations

# List queues
gcloud tasks queues list

# Pause queue
gcloud tasks queues pause QUEUE_NAME

# Resume queue
gcloud tasks queues resume QUEUE_NAME

# Purge queue (deletes every task in the queue)
gcloud tasks queues purge QUEUE_NAME

Best Practices and Tips

  1. Queue Management:

    • Plan capacity
    • Set rate limits
    • Use DLQ
    • Monitor depth
  2. Security:

    • Secure endpoints
    • Limit access
    • Regular audits
    • Monitor usage
  3. Operations:

    • Monitor metrics
    • Track failures
    • Set up alerts
    • Regular maintenance

Conclusion

You’ve learned how to set up and manage Google Cloud Tasks using Terraform. This setup provides:

  • Reliable task queues
  • Rate limiting
  • Dead letter queues
  • Best practices implementation