Once upon a time, when I was learning Google Cloud Platform, I just want to automate my workflow and deployments with terraform and, I wrote this IaaC (Infrastructure as a Code) to manage my infrastructure easily and fastly.
What can this do?
Creating a secure load balancer with SSL and turns the HTTP requests to HTTPS with 301 redirection code.
Creating an Instance Template and set everything about network, subnet, startup script.
Creating an Instance Group and manage them. If your instance group CPU is more or less than a value, the instance group manager will automatically scale up or scale down the VMs.
VM instances are running with private IP and, project-wide SSH access is not allowed on default. Managing the firewall rule for load balancer health check.
Requirements
- Enable Compute Engine API if doesn’t enable.
- Create Service account with `
Editorrole (or whatever you want) and export the key file. - Create Cloud Google Storage Bucket for keep the terraform state. If you want, you can add your service account as a member to bucket.
- Create Compute Engine Image You can create a Debian 10 based VM and install nginx via
sudo apt install -y nginxand test this terraform code. Don’t forget tosudo systemctl enable nginxcommand before turn your VM to image.
Usage
Here is the steps…
- Clone the repository
git clone [email protected]:flightlesstux/gcp-instance-group-and-loadbalancer-w-terraform.git - Authenticate to Google Platform if even google-sdk is not installed. It’s really useful for CI/CD pipelines! If you already logged in to your Google Cloud Platform project like
gcloud auth login, you can skip this step.export GOOGLE_APPLICATION_CREDENTIALS=service-account-key.json - Project ID is also declared via terraform but if you don’t export the value, you will probable get an error like below.
export GOOGLE_PROJECT="0123456789012"│ Error: project: required field is not set
│
│ with google_compute_instance_group_manager.this,
│ on group_manager.tf line 1, in resource "google_compute_instance_group_manager" "this":
│ 1: resource "google_compute_instance_group_manager" "this" {
- Edit variable values
variables.tf file. - SSL Certificate Settings
Paste your SSL certificate and the key file undercertsfolder . Loadbalancer needs to be secure! You can paste yourPublic key certificateandCertificate chainintocertificate.crt.
- You can follow-up your production environment version easily with this variable. And also, Instance group need the new version for make a rolling update.
export TF_VAR_deploy_version=v1 - Initilaze
terraform init - Let’s Deploy
terraform applyorterraform apply -auto-approve
Repository Address
https://github.com/flightlesstux/gcp-instance-group-and-loadbalancer-w-terraform
I hope this article will help you.