Terraform or OpenTofu


An example of how to configure a simple network in Google Cloud via Terraform/OpenTofu.

Creating a Network

main.tf

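 terraform {
   # Pin the provider source so `init` resolves exactly the hashicorp/google
   # provider and not a same-named provider from another namespace. Add a
   # `version` constraint (<TESTED_VERSION>, to be filled in) so upgrades are
   # a deliberate change rather than whatever `init` picks up next time.
   required_providers {
     google = {
       source = "hashicorp/google"
     }
   }
 }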
 provider "google" {
   # Defaults inherited by every google_* block that does not set its own
   # project or location; network.tf still names the project explicitly.
   zone    = "europe-west1-d"
   region  = "europe-west1"
   project = "linux-lv-test"
 }

network.tf

resource "google_compute_network" "lv_vpc" {
  # Custom-mode VPC: no auto-created subnet per region, so the only subnet
  # is the one declared below and the address plan stays explicit.
  name                    = "linux-lv-vpc"
  project                 = "linux-lv-test"
  auto_create_subnetworks = false

  # Explicit MTU for the network.
  mtu = 1460
}
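resource "google_compute_subnetwork" "lv_vpc_west1" {
  name          = "mywest1"
  region        = "europe-west1"
  network       = google_compute_network.lv_vpc.id
  ip_cidr_range = "10.20.0.0/16"

  # Alias range. Nothing on this page consumes it; presumably reserved for
  # alias IPs (e.g. GKE) — confirm before removing.
  secondary_ip_range {
    range_name    = "lv-secondary-range"
    ip_cidr_range = "10.120.0.0/24"
  }

  # VPC flow logs. This subnet hosts an instance with an external address,
  # so keep a sampled record of the connections it sees in Cloud Logging.
  log_config {
    aggregation_interval = "INTERVAL_5_MIN"
    flow_sampling        = 0.5
    metadata             = "INCLUDE_ALL_METADATA"
  }
}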
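resource "google_compute_firewall" "lvfw" {
  name      = "lv-fw"
  network   = google_compute_network.lv_vpc.id
  direction = "INGRESS"

  allow {
    protocol = "icmp"
  }
  allow {
    protocol = "tcp"
    ports    = ["22", "80", "443", "10000-20000"]
  }

  # Scope the rule to tagged instances only. Without target_tags an ingress
  # rule applies to every instance in the VPC. The previously commented-out
  # source_tags would not have done this: it filters on the *sender's* tag
  # and has no effect on traffic arriving from source_ranges outside the VPC.
  target_tags = ["linux-lv"]

  # 0.0.0.0/0 exposes every port above — including 22 and 10000-20000 — to
  # the whole internet. Restrict at least SSH to a known admin range
  # (<ADMIN_CIDR>, to be filled in) or reach it through IAP TCP forwarding.
  source_ranges = ["0.0.0.0/0"]

  # Log hits on this rule so connections to the open ports are visible.
  log_config {
    metadata = "INCLUDE_ALL_METADATA"
  }
}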
resource "google_compute_router" "lvrouter" {
  # Cloud Router in the subnet's region; it exists only as the anchor for
  # the NAT gateway declared next.
  name    = "lv-router"
  network = google_compute_network.lv_vpc.id
  region  = google_compute_subnetwork.lv_vpc_west1.region
}
resource "google_compute_router_nat" "lvnat" {
  # Cloud NAT on the router above: Google-managed external addresses
  # (AUTO_ONLY) for every IP range of every subnet in the VPC.
  name   = "lv-router-nat"
  region = google_compute_router.lvrouter.region
  router = google_compute_router.lvrouter.name

  nat_ip_allocate_option             = "AUTO_ONLY"
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
}

Creating a VM and Adding a DNS Entry

If the VM lives in a different project, the network details can be read via "data" blocks.

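terraform {
  # Pin the provider source so `init` resolves exactly the hashicorp/google
  # provider and not a same-named provider from another namespace. Add a
  # `version` constraint (<TESTED_VERSION>, to be filled in) so upgrades are
  # a deliberate change rather than whatever `init` picks up next time.
  required_providers {
    google = {
      source = "hashicorp/google"
    }
  }
}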

provider "google" {
  # Defaults for the compute resources below; the DNS blocks override
  # `project` themselves because the zone lives in another project.
  zone    = "europe-west1-d"
  region  = "europe-west1"
  project = "linux-lv-test"
}


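resource "google_compute_instance" "lv_testsrv" {
  name         = "lvsrv"
  machine_type = "e2-micro" # was f1-micro
  # Overrides the provider's default zone (europe-west1-d).
  zone = "europe-west1-b"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-12"
    }
  }

  # Shielded VM: secure boot, vTPM and integrity monitoring give the boot
  # chain a measured, verifiable state; the debian-cloud images support it.
  shielded_instance_config {
    enable_secure_boot          = true
    enable_vtpm                 = true
    enable_integrity_monitoring = true
  }

  # GCE runs startup scripts as root, so the `sudo` prefixes are redundant
  # but harmless. Kept verbatim.
  metadata_startup_script = "sudo apt-get update; sudo apt-get upgrade -yq ; apt-get install -yq joe bind9-host tmux vim"

  # Instance-level SSH key for user "mond", read from the public key file
  # next to this configuration. Project-wide keys still apply unless
  # block-project-ssh-keys is set; OS Login would replace both with
  # IAM-controlled access.
  metadata = {
    ssh-keys = "mond:${file("mond.pub")}"
  }

  network_interface {
    subnetwork = data.google_compute_subnetwork.lv_vpc_west1.id
    # An empty access_config means an ephemeral external IP: the instance is
    # reachable from the internet on whatever the VPC firewall allows.
    access_config {
    }
  }

  # Network tag; firewall rules can scope themselves to it via target_tags.
  tags = ["linux-lv"]
}

resource "google_dns_record_set" "lvsrv" {
  name         = "lvsrv.g.mond.at."
  managed_zone = data.google_dns_managed_zone.gmond.managed_zone_id
  type         = "A"
  ttl          = 600
  # The zone lives in a different project than the provider default.
  project = "arctic-sign-343718"

  # local.pubip_lvsrv is not defined on this page; presumably a locals block
  # elsewhere derives it from the instance's external address — confirm.
  rrdatas = [local.pubip_lvsrv]
}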

data "google_dns_managed_zone" "gmond" {
  # Looks up the existing zone by name in the DNS project; the record set
  # above only needs its managed_zone_id.
  project = "arctic-sign-343718"
  name    = "g-mond"
  #dns_name = "g.mond.at."
}

data "google_compute_network" "lv_vpc" {
  # Reads the VPC created by network.tf by name. Nothing else on this page
  # references it; the instance attaches via the subnetwork data source.
  name    = "linux-lv-vpc"
  project = "linux-lv-test"
}

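data "google_compute_subnetwork" "lv_vpc_west1" {
  name = "west1"

  # Explicit, like the network data source above, instead of falling back
  # to the provider defaults; both values match what network.tf used.
  project = "linux-lv-test"
  region  = "europe-west1"

  # NOTE(review): network.tf names its subnetwork "mywest1". If this block is
  # meant to read that subnet, the name here is wrong — confirm which one
  # is actually deployed.
}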