Difference between revisions of "Terraform or OpenTofu"
(→network.tf) |
(→Creating a VM and Adding a DNS Entry) |
||
Line 67: | Line 67: | ||
specifics via "data" blocks. |
specifics via "data" blocks. |
||
− | < |
+ | <pre> |
terraform { |
terraform { |
||
} |
} |
||
Line 125: | Line 125: | ||
name = "west1" |
name = "west1" |
||
} |
} |
||
− | </ |
+ | </pre> |
Revision as of 07:15, 19 April 2024
An example of how to configure a simple network in Google Cloud using Terraform/OpenTofu.
Creating a Network
main.tf
# main.tf: core settings block plus the Google provider defaults used by this example.

# The settings block is empty in this example, so no provider source, version
# constraint or state backend is declared here.
# NOTE(review): consider declaring required_providers with a version constraint
# and committing the dependency lock file, so provider upgrades are deliberate.
terraform {
}

# Defaults used by every google_* resource and data source that does not set
# its own project, region or zone.
provider "google" {
  project = "linux-lv-test"
  region  = "europe-west1"
  zone    = "europe-west1-d"
}
network.tf
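# network.tf: custom-mode VPC, one subnetwork, an ingress firewall rule,
# and a Cloud Router with NAT.

resource "google_compute_network" "lv_vpc" {
  project = "linux-lv-test"
  name    = "linux-lv-vpc"

  # Custom mode: no subnetworks are created automatically, only the one declared below.
  auto_create_subnetworks = false
  mtu                     = 1460
}

resource "google_compute_subnetwork" "lv_vpc_west1" {
  name          = "mywest1"
  ip_cidr_range = "10.20.0.0/16"
  region        = "europe-west1"
  network       = google_compute_network.lv_vpc.id

  # Additional alias range attached to the same subnetwork.
  secondary_ip_range {
    range_name    = "lv-secondary-range"
    ip_cidr_range = "10.120.0.0/24"
  }
}

# Ingress rule for the example VM: ICMP plus TCP 22, 80, 443 and 10000-20000.
resource "google_compute_firewall" "lvfw" {
  name    = "lv-fw"
  network = google_compute_network.lv_vpc.id

  allow {
    protocol = "icmp"
  }

  allow {
    protocol = "tcp"
    ports    = ["22", "80", "443", "10000-20000"]
  }

  #source_tags = ["linux-lv"]

  # Any IPv4 source may connect. 80/443 are commonly public, but SSH (22) and
  # the 10000-20000 range are usually better served by a separate rule whose
  # source_ranges is limited to the administrators' own address range.
  source_ranges = ["0.0.0.0/0"]

  # Scope the rule to instances carrying this network tag. Without target_tags
  # the rule applies to every instance attached to the VPC, including ones
  # added later that were never meant to be reachable from the internet.
  # The example VM on this page sets tags = ["linux-lv"], so it stays reachable.
  target_tags = ["linux-lv"]
}

# Cloud Router in the subnetwork's region; it hosts the NAT configuration below.
resource "google_compute_router" "lvrouter" {
  name    = "lv-router"
  region  = google_compute_subnetwork.lv_vpc_west1.region
  network = google_compute_network.lv_vpc.id
}

# Outbound NAT for every subnetwork range in the router's region, using
# automatically allocated NAT addresses.
resource "google_compute_router_nat" "lvnat" {
  name                               = "lv-router-nat"
  router                             = google_compute_router.lvrouter.name
  region                             = google_compute_router.lvrouter.region
  nat_ip_allocate_option             = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}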
Creating a VM and Adding a DNS Entry
If this is in a different project, we can read the network specifics via "data" blocks.
# VM plus DNS record. The network objects are not created here; they are looked
# up through data sources.

terraform {
}

provider "google" {
  project = "linux-lv-test"
  region  = "europe-west1"
  zone    = "europe-west1-d"
}

# --- Lookups of existing objects -------------------------------------------

# Managed DNS zone that lives in a different project than the provider default.
data "google_dns_managed_zone" "gmond" {
  name    = "g-mond"
  project = "arctic-sign-343718"
  #dns_name = "g.mond.at."
}

# Declared for reference; nothing in this listing reads it.
data "google_compute_network" "lv_vpc" {
  project = "linux-lv-test"
  name    = "linux-lv-vpc"
}

# No project or region is set, so the provider defaults apply.
# NOTE(review): network.tf on this page names the subnetwork "mywest1";
# confirm that a subnetwork called "west1" exists, otherwise this lookup fails.
data "google_compute_subnetwork" "lv_vpc_west1" {
  name = "west1"
}

# --- Resources ---------------------------------------------------------------

resource "google_compute_instance" "lv_testsrv" {
  name = "lvsrv"
  #machine_type = "f1-micro"
  machine_type = "e2-micro"

  # Overrides the provider's default zone (europe-west1-d).
  zone = "europe-west1-b"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-12"
    }
  }

  # Executed by the guest at boot: refreshes the package index, upgrades all
  # installed packages unattended and installs a few tools.
  metadata_startup_script = "sudo apt-get update; sudo apt-get upgrade -yq ; apt-get install -yq joe bind9-host tmux vim"

  # Instance-level SSH key for user "mond"; only the public half (mond.pub, read
  # from the working directory) is placed into metadata.
  metadata = {
    ssh-keys = "mond:${file("mond.pub")}"
  }

  network_interface {
    subnetwork = data.google_compute_subnetwork.lv_vpc_west1.id

    # An empty access_config requests an ephemeral external IPv4 address.
    # Together with the lv-fw rule on this page (tcp/22 from 0.0.0.0/0) this
    # exposes SSH to the internet; narrow the rule's source range where possible.
    access_config {
    }
  }

  # Network tag; firewall rules can use it to select this instance.
  tags = ["linux-lv"]
}

# A record for the VM, created in the DNS zone's project rather than the
# provider's default project.
resource "google_dns_record_set" "lvsrv" {
  name         = "lvsrv.g.mond.at."
  managed_zone = data.google_dns_managed_zone.gmond.managed_zone_id
  type         = "A"
  ttl          = 600

  # NOTE(review): local.pubip_lvsrv is not defined anywhere in this listing;
  # presumably a locals block elsewhere resolves the VM's external IP. Confirm.
  rrdatas = [local.pubip_lvsrv]
  project = "arctic-sign-343718"
}