greglebreton 2 years ago
parent 566a8a1e26
commit 69ce6ef047
  1. 78
      README.md
  2. 0
      auth/cle.json
  3. BIN
      docs/service-account.png
  4. 24
      main.tf
  5. 5
      terraform.tfvars
  6. 10
      variables.tf

@ -0,0 +1,78 @@
# TERRAFORM / GCP
## PRE REQUIS
- [COMPTE GCP](https://cloud.google.com/?hl=fr)
- [TERRAFORM](https://www.terraform.io/)
```bash
# LINUX INSTALL
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install terraform
```
## PREPARATION
- Créer un projet "terraform-demo"
- Séletionner le projet créé puis créer un compte de service dans l'onglet [IAM et administration](https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts?hl=fr) de la console GCP
- Ajouter les rôles suivant:
- Compute admin
- Compute network admin
- Service account admin
- Activer les APIs nécessaires (compute engine API, storage API, cloud billing API)
![SERVICES ACCOUNT](docs/service-account.png)
- Créer une clé au sein du compte de service avec les droits sur le compute engine (pour créer les VMs), et télécharger le fichier json contenant la clé pour le mettre dans le dossier auth
- Modifier l'id du projet dans le fichier variables.tf
## UTILISATION
- Lançer Terraform:
```bash
terraform init
```
- Lançer Terraform:
```bash
terraform plan
```
- Lançer Terraform:
```bash
terraform apply
# Saisir yes quand demandé
```
> L'adresse public de la VM est fournie en output du terraform apply http://public-ip:5000
- Se connecter en SSH à la VM pour créer l'application Flask:
```bash
nano app.py
from flask import Flask
app = Flask(__name__)
@app.route('/')
def hello_cloud():
return 'Hello Cloud!'
app.run(host='0.0.0.0')
```
- Installer Flask:
```bash
python3 -m pip install flask
```
- Lançer l'application:
```bash
python3 app.py
```
- Visiter l'adresse fournie en output du terraform apply

Binary file not shown.

After

Width:  |  Height:  |  Size: 174 KiB

@ -5,7 +5,7 @@ terraform {
## PROVIDER ## PROVIDER
provider "google" { provider "google" {
project = var.gcp_project project = var.gcp_project_id
credentials = file(var.gcp_auth_file) credentials = file(var.gcp_auth_file)
region = var.gcp_region region = var.gcp_region
} }
@ -28,7 +28,7 @@ resource "google_compute_subnetwork" "default" {
resource "google_compute_instance" "default" { resource "google_compute_instance" "default" {
name = "flask-vm" name = "flask-vm"
machine_type = "e2-micro" machine_type = "e2-micro"
zone = "europe-west9-a" zone = var.gcp_zone
tags = ["ssh"] tags = ["ssh"]
boot_disk { boot_disk {
@ -49,7 +49,8 @@ resource "google_compute_instance" "default" {
} }
} }
## SSH ## FIREWALL
### SSH
resource "google_compute_firewall" "ssh" { resource "google_compute_firewall" "ssh" {
name = "allow-ssh" name = "allow-ssh"
allow { allow {
@ -61,4 +62,21 @@ resource "google_compute_firewall" "ssh" {
priority = 1000 priority = 1000
source_ranges = ["0.0.0.0/0"] source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh"] target_tags = ["ssh"]
}
### APP
resource "google_compute_firewall" "flask" {
name = "flask-app-firewall"
network = google_compute_network.vpc_network.id
allow {
protocol = "tcp"
ports = ["5000"]
}
source_ranges = ["0.0.0.0/0"]
}
## GET VM PUBLIC IP
output "Web-server-URL" {
value = join("",["http://",google_compute_instance.default.network_interface.0.access_config.0.nat_ip,":5000"])
} }
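Review bot: The new `google_compute_firewall.flask` rule has no `target_tags`, so tcp/5000 is opened from `0.0.0.0/0` to every instance on `vpc_network`, not only `flask-vm`; the existing `allow-ssh` rule is at least scoped with `target_tags = ["ssh"]`. Scope the new rule the same way with `target_tags = ["flask"]` and set `tags = ["ssh", "flask"]` on the instance. The README in this commit starts the app with `app.run(host='0.0.0.0')` and the output builds an `http://` URL, so the port serves Flask's built-in server over plain HTTP; outside a short-lived demo, `source_ranges` should be narrowed to known client addresses. The instance resource starts and ends outside the visible hunks, so the tag change is inferred from the `tags = ["ssh"]` line shown.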

@ -1,4 +1,5 @@
# GCP Settings # GCP Settings
gcp_project = "terraform-demo-381114" gcp_project_id = "terraform-demo-381114"
gcp_region = "europe-west9" gcp_region = "europe-west9"
gcp_zone = "europe-west9-a"
gcp_auth_file = "./auth/terraform-demo-381114-158cfce10778.json" gcp_auth_file = "./auth/terraform-demo-381114-158cfce10778.json"
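Review bot: `gcp_auth_file` still points at `./auth/terraform-demo-381114-158cfce10778.json`, while this commit lists a new `auth/cle.json` (0 lines) and the README tells users to put the downloaded service-account key in `auth`. The configured path and the committed placeholder do not match, and nothing visible here keeps a real key out of version control. Consider a `.gitignore` entry such as `auth/*.json` and leaving `gcp_auth_file` out of the committed tfvars so each user supplies their own path, or dropping the key file in favour of application default credentials. Whether a `.gitignore` already covers this is not visible on this page.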

@ -11,7 +11,13 @@ variable "gcp_region" {
} }
# define GCP project name # define GCP project name
variable "gcp_project" { variable "gcp_project_id" {
type = string type = string
description = "GCP project name" description = "GCP project id"
}
# define GCP zone
variable "gcp_zone" {
type = string
description = "GCP zone"
} }
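Review bot: The comment above the renamed variable still reads `# define GCP project name` although the variable is now `gcp_project_id` with the description "GCP project id"; update it to `# define GCP project id`. The new `gcp_zone` variable has nothing tying it to `gcp_region`, so a mismatched pair would only fail at apply time. A description such as `"GCP zone (must be inside gcp_region)"` would at least document the constraint.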