Terraform :
It is a powerful open-source infrastructure automation tool for provisioning and managing infrastructure as code. It’s developed by HashiCorp as an opensource project for cloud developers to manage their infrastructure.Its supported by major infrastructure services such as AWS, OpenStack, Vultr, Digital Ocean, Google Cloud.
In will go through to setup a configuration to create an instance in GCP with Terraform and run a Nginx web server in the instance.
Steps :
a.Terraform installation
b.Required Google cloud account with service account json key for a project
c.Terraform configuration file
d.Execute terraform config file to provision a new instance in GCP
a.Terraform Installation :
OS : Centos 7.6
1.Instal unzip to extract terraform zip file.
#yum install zip unzip -y
2.Download the latest version from terraform website for your operating system.
Website url : https://www.terraform.io/downloads.html
Am using centos, so am downloading Linux.
#wget https://releases.hashicorp.com/terraform/0.12.6/terraform_0.12.6_linux_amd64.zip
Unzip the downloaded file.
#unzip terraform_0.12.6_linux_amd64.zip
Now there will be a file name as, terraform in the extracted location,
Move the file to bin directory,
#mv terraform /bin
Check the version of terraform now.
#terraform -v
Now terraform installation is completed.
b.Create GCP serivce account json key file.
Go to google cloud account in browser > go to the project where you wish to provision an instance by terraform > go to IAM & Admin > service accounts > create service account (choose json format to download the key)
Now copy the json key to the server where terraform was installed.
Direct link to create service account, https://console.cloud.google.com/apis/credentials/serviceaccountkey
c.Terraform configuration file
Now we are going to create terraform config file which will provision instance as per our requirement in GCP project.
Here is my main.tf file, copy the below content in a new main.tf file and update the required changes which are marked as red color.
#####################################
#give the json file name,project name and in which regions the instance has to create.
provider "google" {
credentials = "${file("devopsart-serviceaccount.json")}"
project = "devopsart"
region = "us-central"
}
#give the VM name, machine type, zone name
resource "google_compute_instance" "devopsart" {
name = "devopsart-vm"
machine_type = "n1-standard-1"
zone = "us-central1-a"
#give image project and image family
boot_disk {
initialize_params {
image = "gce-uefi-images/centos-7"
}
}
#give the startup command which need to execute after created an instance
metadata_startup_script = "sudo yum -y update; sudo yum -y install epel-release; sudo yum -y install nginx; sudo service nginx start;"
#Choose the default network
network_interface {
network = "default"
access_config {
}
}
}
#create a firewall rule which needs to allow for this instance
resource "google_compute_firewall" "default" {
name = "nginx-firewall"
network = "default"
#allow default port 80,443 to access the web server from outside.
allow {
protocol = "tcp"
ports = ["80","443"]
}
#allow icmp so that we can ping and check the server is reachable
allow {
protocol = "icmp"
}
}
#Get the public IP for newly created instance.
output "ip" {
value = "${google_compute_instance.devopsart.network_interface.0.access_config.0.nat_ip}"
}
##########################################
Links to check,
To check GCP machine type : https://cloud.google.com/compute/docs/machine-types
To check GCP locations : https://cloud.google.com/appengine/docs/locations
To check GCP Zones : https://cloud.google.com/compute/docs/regions-zones/
To check GCP OS Images : https://cloud.google.com/compute/docs/images
So now we have two files in the directory, one is gcp service account json file and another is main.tf.
d.Execute terraform config file to provision a new instance in GCP,
Now we are going to use below terraform commands to create a new instance in GCP.
1.terraform init : It’s the first command you need to execute. Unless terraform plan, apply, destroy and import will not work. The command terraform init will install :
Terraform modules
Eventually a backend
Provider(s) plugins
Run this command where the main.tf file is there,
#terraform init
2.terraform plan :
This plan step will check the configuration to execute and write a plan to apply to target GCP.
Run this command where the main.tf file is there,
#terraform plan
It will show the all the configuration details which we have given above in main.tf
3.terraform apply :
It will execute the plan and it will provision the new instance in GCP project.
Run this command where the main.tf file is there,
#terraform apply
During this apply command, it will ask to confirm for provision so give "yes" then it will create the instance and show the status and IP of the instance like below,
There will be a file name called "terraform.tfstate" is generated which will have all the details like version, resources ,etc.
Now wait few minutes you can see a new instance to be created in GCP project,
And wait for another 5 minutes, you can check Nginx web server status from the new instance IP.
4.terraform show - This command will show if any existing resources are running.
#terraform show
5.terraform destroy - This command will delete the resources which are currently used by terraform and we can delete the specific resource.
#terraform destroy (to delete all resources)
#terraform destroy -target google_compute_instance.devopsart (it will delete only devopsart instance and it will not delete firewall)
Thats it, new GCP instance has been created with Nginx webserver by Terraform.
Post a Comment