Difference between revisions of "Terraform or OpenTofu"
(→Creating a Network) |
|||
Line 25: | Line 25: | ||
mtu = 1460 |
mtu = 1460 |
||
} |
} |
||
− | |||
resource "google_compute_subnetwork" "lv_vpc_west1" { |
resource "google_compute_subnetwork" "lv_vpc_west1" { |
||
name = "mywest1" |
name = "mywest1" |
||
Line 36: | Line 35: | ||
} |
} |
||
} |
} |
||
− | |||
resource "google_compute_firewall" "lvfw" { |
resource "google_compute_firewall" "lvfw" { |
||
name = "lv-fw" |
name = "lv-fw" |
||
Line 50: | Line 48: | ||
source_ranges = ["0.0.0.0/0"] |
source_ranges = ["0.0.0.0/0"] |
||
} |
} |
||
− | |||
resource "google_compute_router" "lvrouter" { |
resource "google_compute_router" "lvrouter" { |
||
name = "lv-router" |
name = "lv-router" |
||
Line 56: | Line 53: | ||
network = google_compute_network.lv_vpc.id |
network = google_compute_network.lv_vpc.id |
||
} |
} |
||
− | |||
resource "google_compute_router_nat" "lvnat" { |
resource "google_compute_router_nat" "lvnat" { |
||
name = "lv-router-nat" |
name = "lv-router-nat" |
||
Line 64: | Line 60: | ||
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" |
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" |
||
} |
} |
||
− | |||
</code> |
</code> |
Revision as of 07:08, 19 April 2024
An example of how to configure a simple network in Google Cloud via Terraform/OpenTofu.
Creating a Network
main.tf
# Terraform/OpenTofu settings block, left empty in this example.
# NOTE(review): with no required_providers entry the google provider is
# resolved implicitly and its version is not constrained here. Declare the
# provider source and a version constraint, and commit .terraform.lock.hcl,
# so every run installs the same, checksum-verified provider build.
terraform {}
# Provider defaults: project, region and zone used by any google_* resource
# that does not set its own. No credentials are configured in this block, so
# none are stored in the file.
provider "google" {
  project = "linux-lv-test"
  region  = "europe-west1"
  zone    = "europe-west1-d"
}
network.tf
# The VPC itself. auto_create_subnetworks = false makes this a custom-mode
# network: only subnets declared explicitly (lv_vpc_west1 below) exist, so no
# address ranges appear in regions nobody asked for.
resource "google_compute_network" "lv_vpc" {
  name                    = "linux-lv-vpc"
  project                 = "linux-lv-test"
  auto_create_subnetworks = false
  mtu                     = 1460
}
# Single subnet in europe-west1, attached to lv_vpc, with one primary range
# and one named secondary range.
# NOTE(review): no log_config block is present, so VPC flow logs are not
# enabled by this definition; add one if traffic in this subnet has to be
# available for detection or incident response.
resource "google_compute_subnetwork" "lv_vpc_west1" {
  name    = "mywest1"
  region  = "europe-west1"
  network = google_compute_network.lv_vpc.id

  # Primary range for instance addresses.
  ip_cidr_range = "10.20.0.0/16"

  # Additional alias range, referenced by its range_name.
  secondary_ip_range {
    range_name    = "lv-secondary-range"
    ip_cidr_range = "10.120.0.0/24"
  }
}
# Firewall rule on the lv_vpc network. No direction is set, so the provider
# default (INGRESS) applies, and with no target_tags or
# target_service_accounts the rule covers every instance in the network.
#
# NOTE(review): source_ranges = ["0.0.0.0/0"] admits any IPv4 source to SSH
# (22) and to the whole 10000-20000 range, not only to the web ports. For
# anything beyond a throwaway test, keep 0.0.0.0/0 on 80/443 only, move 22
# and the high ports into a separate rule limited to known administrative
# ranges (or reach SSH through Identity-Aware Proxy), scope each rule with
# target_tags, and add a log_config block so matches are recorded.
resource "google_compute_firewall" "lvfw" {
  name    = "lv-fw"
  network = google_compute_network.lv_vpc.id

  # Ping / ICMP diagnostics.
  allow {
    protocol = "icmp"
  }

  # SSH, HTTP, HTTPS and a 10001-port wide TCP range.
  allow {
    protocol = "tcp"
    ports    = ["22", "80", "443", "10000-20000"]
  }

  # Tag-based source filter, left disabled by the author.
  #source_tags = ["linux-lv"]

  # Any IPv4 address may match this rule.
  source_ranges = ["0.0.0.0/0"]
}
# Cloud Router for lv_vpc. Its region is taken from the lv_vpc_west1 subnet so
# the two cannot drift apart; the router exists here to host the NAT below.
resource "google_compute_router" "lvrouter" {
  name    = "lv-router"
  network = google_compute_network.lv_vpc.id
  region  = google_compute_subnetwork.lv_vpc_west1.region
}
# Cloud NAT on lvrouter, in the router's region. AUTO_ONLY lets the platform
# allocate the external NAT addresses, and ALL_SUBNETWORKS_ALL_IP_RANGES
# applies NAT to every range of every subnet in that region, the secondary
# range included.
# NOTE(review): automatically allocated addresses can change, so they are a
# poor basis for allow-lists on the far side, and no log_config block is set,
# so NAT translations are not logged by this definition.
resource "google_compute_router_nat" "lvnat" {
  name   = "lv-router-nat"
  region = google_compute_router.lvrouter.region
  router = google_compute_router.lvrouter.name

  nat_ip_allocate_option             = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}