GCP Terraform

Install in Ubuntu

$ wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install terraform

$ terraform -help

需要一個IAM才可以使用terraform

  • step1. 創建user

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

  • step2. 創建Key

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

  • step3. 上傳key

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

Project1.

  • 目的
    創建bucket

  • folder structure

$ ls
key.json  main.tf
provider "google" { credentials = "${file("key.json")}" project = "[your project id]" region = "asia-east1" } resource "google_storage_bucket" "quick-start-gcs" { name = "[your bucket name]" location = "asia-east1" force_destroy = true }
  • 執行指令
$ terraform init (初始化)
$ terraform fmt  (程式碼優化排版)
$ terraform plan (測試程式碼是否可以佈署)
$ terraform apply --auto-approve (真正開始佈署)
$ terraform destroy --auto-approve (刪除程式碼佈署的所有東西)
  • 結果
    Image Not Showing Possible Reasons
    • The image was uploaded to a note which you don't have access to
    • The note which the image was originally uploaded to has been deleted
    Learn More →

Project2.

  • 目的
    創建instance

  • folder structure

$ ls
key.json  main.tf  provider.tf
  • 程式碼

    ​​​​resource "google_compute_instance" "example" { ​​​​ name = "example-instance" ​​​​ machine_type = "e2-micro" ​​​​ zone = "asia-east1-b" ​​​​ boot_disk { ​​​​ initialize_params { ​​​​ image = "projects/ubuntu-os-cloud/global/images/ubuntu-2204-jammy-v20240726" ​​​​ } ​​​​ } ​​​​ network_interface { ​​​​ network = "default" ​​​​ access_config { ​​​​ // Ephemeral IP ​​​​ } ​​​​ } ​​​​}
    ​​​​################################################################################## ​​​​# CONFIGURATION ​​​​################################################################################## ​​​​terraform { ​​​​ # 指定 terraform 的最小版本 ​​​​ required_version = ">=1.0" ​​​​ required_providers { ​​​​ # provider 中的最小版本 ​​​​ google = { ​​​​ source = "hashicorp/google" ​​​​ version = ">= 4.40.0" ​​​​ } ​​​​ } ​​​​} ​​​​################################################################################## ​​​​# PROVIDERS ​​​​################################################################################## ​​​​provider "google" { ​​​​ # your project name ​​​​ credentials = file("key.json") ​​​​ project = "avian-casing-435202-m5" ​​​​}
  • 執行指令

$ terraform init (初始化)
$ terraform fmt  (程式碼優化排版)
$ terraform plan (測試程式碼是否可以佈署)
$ terraform apply --auto-approve (真正開始佈署)
$ terraform destroy --auto-approve (刪除程式碼佈署的所有東西)
  • 結果

Project3.

  • 目的
    檢查虛擬機是否存在,並獲取虛擬機的各種資訊

  • folder structure

$ ls
key.json  main.tf
resource "google_compute_instance" "example" { name = "example-instance" machine_type = "e2-micro" zone = "asia-east1-b" boot_disk { initialize_params { image = "projects/ubuntu-os-cloud/global/images/ubuntu-2204-jammy-v20240726" } } network_interface { network = "default" access_config { // Ephemeral IP } } # 成功案例,執行電腦本機路徑 provisioner "local-exec" { command = "echo ${google_compute_instance.example.network_interface[0].network_ip} > ./ip_address_local_exec.txt" } # # 失敗案例,傳送到虛擬電腦本機 # provisioner "file" { # content = google_compute_instance.example.network_interface[0].network_ip # destination = "/tmp/ip_address_file.txt" # } # # 失敗案例,無法連線到遠端 # provisioner "remote-exec" { # inline = [ # "echo ${google_compute_instance.example.network_interface[0].network_ip} > /tmp/ip_address_remote_exec.txt" # ] # } }
  • 執行指令
$ terraform init (初始化)
$ terraform fmt  (程式碼優化排版)
$ terraform plan (測試程式碼是否可以佈署)
$ terraform apply --auto-approve (真正開始佈署)
$ terraform destroy --auto-approve (刪除程式碼佈署的所有東西)
  • 結果
$ ls
ip_address_local_exec.txt  key.json  main.tf  terraform.tfstate
$ cat ip_address_local_exec.txt 
10.140.0.3