
Пример конфигурации Terraform, который создает GCN (Google Compute Network), GCF (Google Compute Firewall) и Instance, а также пример использования "metadata_startup_script" в Instance.
main.tf
# Google Cloud provider: target project, default region, and the service
# account key used to authenticate.
provider "google" {
  project = "artem-terraform"
  region  = "us-central1"

  # The key is read from a JSON file in the working directory. The file is a
  # long-lived credential for the project, so keep it out of version control
  # and out of any archive of this configuration that gets shared.
  credentials = "${file("terraform-account.json")}"
}
variables.tf
# Common prefix for resource names: the firewall, network and instance are
# named "<PROJECT_NAME>-firewall", "<PROJECT_NAME>-network" and
# "<PROJECT_NAME>-instance".
variable "PROJECT_NAME" {
  default = "web-server"
}
# Bitbucket account name that the instance startup script places in the
# HTTPS clone URL of the website repository.
variable "BITBUCKET_USER" {
  default = "terraform-git-website"
}
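# Password for the Bitbucket account that the instance startup script uses to
# clone the website repository.
#
# Deliberately declared without a default: a password written into
# variables.tf ends up in version control and in every copy of this
# configuration. Supply the value at run time instead, e.g. through the
# TF_VAR_BITBUCKET_PASS environment variable or a -var-file that is excluded
# from version control.
#
# The value is interpolated into metadata_startup_script, so it is also
# stored in the Terraform state and in the instance metadata. Prefer a
# read-only, repository-scoped credential and protect the state accordingly.
variable "BITBUCKET_PASS" {
  description = "Bitbucket password used by the startup script to clone the website repository"
}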
gcf.tf
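# Ingress rule for the web server network: ICMP plus TCP 22 (SSH),
# 80 (HTTP) and 443 (HTTPS).
resource "google_compute_firewall" "default" {
  name    = "${var.PROJECT_NAME}-firewall"
  network = "${google_compute_network.default.name}"

  # With neither source_ranges nor source_tags set, GCP applies the rule to
  # every source (0.0.0.0/0). Stated explicitly so the exposure is visible in
  # review rather than implied by a default.
  source_ranges = ["0.0.0.0/0"]

  # Limit the rule to instances carrying the "web" network tag (the tag set
  # on google_compute_instance.web) instead of every instance that is ever
  # attached to this network.
  target_tags = ["web"]

  allow {
    protocol = "icmp"
  }

  # NOTE(review): SSH (22) shares this world-open rule with HTTP/HTTPS.
  # SSH is normally given its own rule restricted to an administrative
  # source range; confirm that open SSH is intended here.
  allow {
    protocol = "tcp"
    ports    = ["22", "80", "443"]
  }
}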
# Dedicated VPC network for the web server. Subnetworks are created
# automatically rather than declared one by one.
resource "google_compute_network" "default" {
  auto_create_subnetworks = "true"
  name                    = "${var.PROJECT_NAME}-network"
}
instance.tf
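# Single web server VM. On first boot the startup script installs Apache and
# git, fetches the site from Bitbucket and publishes it under /var/www/html.
resource "google_compute_instance" "web" {
  name         = "${var.PROJECT_NAME}-instance"
  machine_type = "f1-micro"

  # Set explicitly; differs from the provider's default region (us-central1).
  zone = "us-west1-a"

  # Network tag; firewall rules can be scoped to it with target_tags.
  tags = ["web"]

  boot_disk {
    initialize_params {
      image = "ubuntu-minimal-1804-bionic-v20181120"
    }
  }

  network_interface {
    network = "${google_compute_network.default.name}"

    access_config {
      // Ephemeral IP
    }
  }

  # NOTE(review): the Bitbucket credentials are interpolated into the script
  # text, so they are stored in the Terraform state and in the instance's
  # startup-script metadata. Use a read-only, repository-scoped credential.
  #
  # The repository is cloned into a private temporary directory and only the
  # working tree is copied into the document root. Cloning straight into
  # /var/www/html leaves a .git directory there, and its config file holds
  # the clone URL including the user name and password, which Apache would
  # then serve to any visitor.
  metadata_startup_script = <<SCRIPT
#!/bin/bash
# Stop at the first failed step so a broken clone never replaces the site.
set -eu

export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y apache2 git

# Clone outside the web root; mktemp -d creates a directory only root can read.
workdir="$(mktemp -d)"
git clone --depth 1 https://"${var.BITBUCKET_USER}":"${var.BITBUCKET_PASS}"@bitbucket.org/terraform-git-website/html.git "$workdir/site"

# Drop repository metadata (it contains the credentialed remote URL).
rm -rf "$workdir/site/.git"

# Replace the default Apache content with the site files.
rm -rf /var/www/html/*
cp -a "$workdir/site/." /var/www/html/
rm -rf "$workdir"

systemctl enable apache2
systemctl start apache2
SCRIPT

  # NOTE(review): nothing in the startup script above uses the compute-ro or
  # storage-ro scopes; confirm they are needed before keeping them.
  service_account {
    scopes = ["userinfo-email", "compute-ro", "storage-ro"]
  }
}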
output.tf
# External (NAT) address assigned to the first access_config of the web
# instance's first network interface.
output "public_ip" {
  value = "${google_compute_instance.web.network_interface.0.access_config.0.nat_ip}"
}
Скачать ZIP архив с Terraform файлами.