resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

examples: Remove the Google Cloud examples 

These are now in the provider's own repository, linked from the README
here.
This commit is contained in:
Martin Atkins 2017-07-24 15:08:40 -07:00
parent 29ebe07e1e
commit 3b95c85f18
26 changed files with 1 additions and 977 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
examples/README.md
View File

@ -23,3 +23,4 @@ repositories contain documentation specific to their provider:
* [AliCloud Examples](https://github.com/terraform-providers/terraform-provider-alicloud/tree/master/examples)
* [Amazon Web Services Examples](https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples)
* [Azure Examples](https://github.com/terraform-providers/terraform-provider-azurerm/tree/master/examples)
* [Google Cloud Examples](https://github.com/terraform-providers/terraform-provider-google/tree/master/examples)

17
examples/gce-vpn/README.md
View File

@ -1,17 +0,0 @@
# Google Compute Engine VPN Example
This example joins two GCE networks via VPN. The firewall rules have been set up
so that you can create an instance in each network and have them communicate
using their internal IP addresses.
See this [example](https://cloud.google.com/compute/docs/vpn) for more
information.
Run this example using
```
terraform apply \
-var="region1=us-central1" \
-var="region2=europe-west1" \
-var="project=my-project-id-123"
```

11
examples/gce-vpn/variables.tf
View File

@ -1,11 +0,0 @@
variable "project" {
description = "Your project name"
}
variable "region1" {
description = "The desired region for the first network & VPN and project"
}
variable "region2" {
description = "The desired region for the second network & VPN"
}

182
examples/gce-vpn/vpn.tf
View File

@ -1,182 +0,0 @@
# An example of how to connect two GCE networks with a VPN
provider "google" {
account_file = "${file("~/gce/account.json")}"
project = "${var.project}"
region = "${var.region1}"
}
# Create the two networks we want to join. They must have separate, internal
# ranges.
resource "google_compute_network" "network1" {
name = "network1"
ipv4_range = "10.120.0.0/16"
}
resource "google_compute_network" "network2" {
name = "network2"
ipv4_range = "10.121.0.0/16"
}
# Attach a VPN gateway to each network.
resource "google_compute_vpn_gateway" "target_gateway1" {
name = "vpn1"
network = "${google_compute_network.network1.self_link}"
region = "${var.region1}"
}
resource "google_compute_vpn_gateway" "target_gateway2" {
name = "vpn2"
network = "${google_compute_network.network2.self_link}"
region = "${var.region2}"
}
# Create an outward facing static IP for each VPN that will be used by the
# other VPN to connect.
resource "google_compute_address" "vpn_static_ip1" {
name = "vpn-static-ip1"
region = "${var.region1}"
}
resource "google_compute_address" "vpn_static_ip2" {
name = "vpn-static-ip2"
region = "${var.region2}"
}
# Forward IPSec traffic coming into our static IP to our VPN gateway.
resource "google_compute_forwarding_rule" "fr1_esp" {
name = "fr1-esp"
region = "${var.region1}"
ip_protocol = "ESP"
ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
}
resource "google_compute_forwarding_rule" "fr2_esp" {
name = "fr2-esp"
region = "${var.region2}"
ip_protocol = "ESP"
ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
}
# The following two sets of forwarding rules are used as a part of the IPSec
# protocol
resource "google_compute_forwarding_rule" "fr1_udp500" {
name = "fr1-udp500"
region = "${var.region1}"
ip_protocol = "UDP"
port_range = "500"
ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
}
resource "google_compute_forwarding_rule" "fr2_udp500" {
name = "fr2-udp500"
region = "${var.region2}"
ip_protocol = "UDP"
port_range = "500"
ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
}
resource "google_compute_forwarding_rule" "fr1_udp4500" {
name = "fr1-udp4500"
region = "${var.region1}"
ip_protocol = "UDP"
port_range = "4500"
ip_address = "${google_compute_address.vpn_static_ip1.address}"
target = "${google_compute_vpn_gateway.target_gateway1.self_link}"
}
resource "google_compute_forwarding_rule" "fr2_udp4500" {
name = "fr2-udp4500"
region = "${var.region2}"
ip_protocol = "UDP"
port_range = "4500"
ip_address = "${google_compute_address.vpn_static_ip2.address}"
target = "${google_compute_vpn_gateway.target_gateway2.self_link}"
}
# Each tunnel is responsible for encrypting and decrypting traffic exiting
# and leaving its associated gateway
resource "google_compute_vpn_tunnel" "tunnel1" {
name = "tunnel1"
region = "${var.region1}"
peer_ip = "${google_compute_address.vpn_static_ip2.address}"
shared_secret = "a secret message"
target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway1.self_link}"
depends_on = ["google_compute_forwarding_rule.fr1_udp500",
"google_compute_forwarding_rule.fr1_udp4500",
"google_compute_forwarding_rule.fr1_esp",
]
}
resource "google_compute_vpn_tunnel" "tunnel2" {
name = "tunnel2"
region = "${var.region2}"
peer_ip = "${google_compute_address.vpn_static_ip1.address}"
shared_secret = "a secret message"
target_vpn_gateway = "${google_compute_vpn_gateway.target_gateway2.self_link}"
depends_on = ["google_compute_forwarding_rule.fr2_udp500",
"google_compute_forwarding_rule.fr2_udp4500",
"google_compute_forwarding_rule.fr2_esp",
]
}
# Each route tells the associated network to send all traffic in the dest_range
# through the VPN tunnel
resource "google_compute_route" "route1" {
name = "route1"
network = "${google_compute_network.network1.name}"
next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel1.self_link}"
dest_range = "${google_compute_network.network2.ipv4_range}"
priority = 1000
}
resource "google_compute_route" "route2" {
name = "route2"
network = "${google_compute_network.network2.name}"
next_hop_vpn_tunnel = "${google_compute_vpn_tunnel.tunnel2.self_link}"
dest_range = "${google_compute_network.network1.ipv4_range}"
priority = 1000
}
# We want to allow the two networks to communicate, so we need to unblock
# them in the firewall
resource "google_compute_firewall" "network1-allow-network1" {
name = "network1-allow-network1"
network = "${google_compute_network.network1.name}"
source_ranges = ["${google_compute_network.network1.ipv4_range}"]
allow {
protocol = "tcp"
}
allow {
protocol = "udp"
}
allow {
protocol = "icmp"
}
}
resource "google_compute_firewall" "network1-allow-network2" {
name = "network1-allow-network2"
network = "${google_compute_network.network1.name}"
source_ranges = ["${google_compute_network.network2.ipv4_range}"]
allow {
protocol = "tcp"
}
allow {
protocol = "udp"
}
allow {
protocol = "icmp"
}
}

3
examples/google-content-based-load-balancing/.gitignore vendored
View File

@ -1,3 +0,0 @@
terraform.tfstate
terraform.tfstate.backup
terraform.tfvars

35
examples/google-content-based-load-balancing/README.md
View File

@ -1,35 +0,0 @@
# Content Based Load Balancing in Google Cloud
This provides a template for running an HTTP load balancer that distributes traffic to different instances based on the
path in the request URL. It is based on the tutorial at [https://cloud.google.com/compute/docs/load-balancing/http/content-based-example](https://cloud.google.com/compute/docs/load-balancing/http/content-based-example).
To start, [download your credentials from Google Cloud Console](https://www.terraform.io/docs/providers/google/#credentials); suggested path for downloaded file is `~/.gcloud/Terraform.json`.
Optionally update `variables.tf` to specify a default value for the `project_name` variable, and check other variables.
After you run `terraform apply` on this configuration, it will
automatically output the public IP address of the load balancer.
After your instance registers, the LB should respond with the following at its root:
```html
<h1>www</h1>
```
And the following at the /video/ url:
```html
<h1>www-video</h1>
```
To run, configure your Google Cloud provider as described in
https://www.terraform.io/docs/providers/google/index.html
Run with a command like this:
```
terraform apply \
-var="region=us-central1" \
-var="region_zone=us-central1-f" \
-var="project_name=my-project-id-123" \
-var="credentials_file_path=~/.gcloud/Terraform.json" \
```

159
examples/google-content-based-load-balancing/main.tf
View File

@ -1,159 +0,0 @@
# https://cloud.google.com/compute/docs/load-balancing/http/content-based-example
provider "google" {
region = "${var.region}"
project = "${var.project_name}"
credentials = "${file("${var.credentials_file_path}")}"
}
resource "google_compute_instance" "www" {
name = "tf-www-compute"
machine_type = "f1-micro"
zone = "${var.region_zone}"
tags = ["http-tag"]
disk {
image = "projects/debian-cloud/global/images/family/debian-8"
}
network_interface {
network = "default"
access_config {
// Ephemeral IP
}
}
metadata_startup_script = "${file("scripts/install-www.sh")}"
service_account {
scopes = ["https://www.googleapis.com/auth/compute.readonly"]
}
}
resource "google_compute_instance" "www-video" {
name = "tf-www-video-compute"
machine_type = "f1-micro"
zone = "${var.region_zone}"
tags = ["http-tag"]
disk {
image = "projects/debian-cloud/global/images/family/debian-8"
}
network_interface {
network = "default"
access_config {
// Ephemeral IP
}
}
metadata_startup_script = "${file("scripts/install-video.sh")}"
service_account {
scopes = ["https://www.googleapis.com/auth/compute.readonly"]
}
}
resource "google_compute_global_address" "external-address" {
name = "tf-external-address"
}
resource "google_compute_instance_group" "www-resources" {
name = "tf-www-resources"
zone = "${var.region_zone}"
instances = ["${google_compute_instance.www.self_link}"]
named_port {
name = "http"
port = "80"
}
}
resource "google_compute_instance_group" "video-resources" {
name = "tf-video-resources"
zone = "${var.region_zone}"
instances = ["${google_compute_instance.www-video.self_link}"]
named_port {
name = "http"
port = "80"
}
}
resource "google_compute_health_check" "health-check" {
name = "tf-health-check"
http_health_check {
}
}
resource "google_compute_backend_service" "www-service" {
name = "tf-www-service"
protocol = "HTTP"
backend {
group = "${google_compute_instance_group.www-resources.self_link}"
}
health_checks = ["${google_compute_health_check.health-check.self_link}"]
}
resource "google_compute_backend_service" "video-service" {
name = "tf-video-service"
protocol = "HTTP"
backend {
group = "${google_compute_instance_group.video-resources.self_link}"
}
health_checks = ["${google_compute_health_check.health-check.self_link}"]
}
resource "google_compute_url_map" "web-map" {
name = "tf-web-map"
default_service = "${google_compute_backend_service.www-service.self_link}"
host_rule {
hosts = ["*"]
path_matcher = "tf-allpaths"
}
path_matcher {
name = "tf-allpaths"
default_service = "${google_compute_backend_service.www-service.self_link}"
path_rule {
paths = ["/video", "/video/*",]
service = "${google_compute_backend_service.video-service.self_link}"
}
}
}
resource "google_compute_target_http_proxy" "http-lb-proxy" {
name = "tf-http-lb-proxy"
url_map = "${google_compute_url_map.web-map.self_link}"
}
resource "google_compute_global_forwarding_rule" "default" {
name = "tf-http-content-gfr"
target = "${google_compute_target_http_proxy.http-lb-proxy.self_link}"
ip_address = "${google_compute_global_address.external-address.address}"
port_range = "80"
}
resource "google_compute_firewall" "default" {
name = "tf-www-firewall-allow-internal-only"
network = "default"
allow {
protocol = "tcp"
ports = ["80"]
}
source_ranges = ["130.211.0.0/22", "35.191.0.0/16"]
target_tags = ["http-tag"]
}

3
examples/google-content-based-load-balancing/output.tf
View File

@ -1,3 +0,0 @@
output "application_public_ip" {
value = "${google_compute_global_forwarding_rule.default.ip_address}"
}

9
examples/google-content-based-load-balancing/scripts/install-video.sh
View File

@ -1,9 +0,0 @@
#!/bin/bash -xe
sudo apt-get update
sudo apt-get install apache2 -y
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
echo '<!doctype html><html><body><h1>www-video</h1></body></html>' | sudo tee /var/www/html/index.html
sudo mkdir /var/www/html/video
echo '<!doctype html><html><body><h1>www-video</h1></body></html>' | sudo tee /var/www/html/video/index.html

7
examples/google-content-based-load-balancing/scripts/install-www.sh
View File

@ -1,7 +0,0 @@
#!/bin/bash -xe
sudo apt-get update
sudo apt-get install apache2 -y
sudo a2ensite default-ssl
sudo a2enmod ssl
sudo service apache2 restart
echo '<!doctype html><html><body><h1>www</h1></body></html>' | sudo tee /var/www/html/index.html

4
examples/google-content-based-load-balancing/terraform.tfvars.example
View File

@ -1,4 +0,0 @@
region = "us-central1"
region_zone = "us-central1-b"
project_name = "my-project-id-123"
credentials_file_path = "~/.gcloud/Terraform.json"

16
examples/google-content-based-load-balancing/variables.tf
View File

@ -1,16 +0,0 @@
variable "region" {
default = "us-central1"
}
variable "region_zone" {
default = "us-central1-f"
}
variable "project_name" {
description = "The ID of the Google Cloud project"
}
variable "credentials_file_path" {
description = "Path to the JSON file used to describe your account credentials"
default = "~/.gcloud/Terraform.json"
}

3
examples/google-internal-load-balancing/.gitignore vendored
View File

@ -1,3 +0,0 @@
terraform.tfstate
terraform.tfstate.backup
terraform.tfvars

34
examples/google-internal-load-balancing/README.md
View File

@ -1,34 +0,0 @@
# Internal Load Balancing in Google Cloud
This provides a template for setting up internal load balancing in Google Cloud. It directly mirrors the tutorial in the [GCP Internal Load Balancing Documentation](https://cloud.google.com/compute/docs/load-balancing/internal/).
To run the example,
* Log in to gcloud with an account that has permission to create the necessary resources using `gcloud init`.
* Optionally update `variables.tf` to specify a default value for the `project_name` variable, and check other variables.
* Run with a command like this:
```
terraform apply \
-var="region=us-central1" \
-var="region_zone=us-central1-b" \
-var="region_zone_2=us-central1-c" \
-var="project_name=my-project-id-123" \
```
After you run `terraform apply` on this configuration, it will
automatically output the internal IP address of the load balancer.
Since the load balancer is only reachable from within the network, ssh into the standalone instance using
```
gcloud compute ssh --zone us-central1-b standalone-instance-1
```
Using `curl` on the IP address given, the LB should respond with a simple header:
```html
<!doctype html><html><body><h1>ilb-instance-X</h1></body></html>
```

257
examples/google-internal-load-balancing/main.tf
View File

@ -1,257 +0,0 @@
provider "google" {
region = "${var.region}"
project = "${var.project_name}"
}
resource "google_compute_network" "my-custom-network" {
name = "my-custom-network"
}
resource "google_compute_subnetwork" "my-custom-subnet" {
name = "my-custom-subnet"
ip_cidr_range = "10.128.0.0/20"
network = "${google_compute_network.my-custom-network.self_link}"
region = "${var.region}"
}
resource "google_compute_firewall" "allow-all-internal" {
name = "allow-all-10-128-0-0-20"
network = "${google_compute_network.my-custom-network.name}"
allow {
protocol = "tcp"
}
allow {
protocol = "udp"
}
allow {
protocol = "icmp"
}
source_ranges = ["10.128.0.0/20"]
}
resource "google_compute_firewall" "allow-ssh-rdp-icmp" {
name = "allow-tcp22-tcp3389-icmp"
network = "${google_compute_network.my-custom-network.name}"
allow {
protocol = "tcp"
ports = ["22", "3389",]
}
allow {
protocol = "icmp"
}
}
resource "google_compute_instance" "ilb-instance-1" {
name = "ilb-instance-1"
machine_type = "n1-standard-1"
zone = "${var.region_zone}"
tags = ["int-lb"]
disk {
image = "debian-cloud/debian-8"
}
network_interface {
subnetwork = "${google_compute_subnetwork.my-custom-subnet.name}"
access_config {
// Ephemeral IP
}
}
service_account {
scopes = ["compute-rw"]
}
metadata_startup_script = "${file("startup.sh")}"
}
resource "google_compute_instance" "ilb-instance-2" {
name = "ilb-instance-2"
machine_type = "n1-standard-1"
zone = "${var.region_zone}"
tags = ["int-lb"]
disk {
image = "debian-cloud/debian-8"
}
network_interface {
subnetwork = "${google_compute_subnetwork.my-custom-subnet.name}"
access_config {
// Ephemeral IP
}
}
service_account {
scopes = ["compute-rw"]
}
metadata_startup_script = "${file("startup.sh")}"
}
resource "google_compute_instance" "ilb-instance-3" {
name = "ilb-instance-3"
machine_type = "n1-standard-1"
zone = "${var.region_zone_2}"
tags = ["int-lb"]
disk {
image = "debian-cloud/debian-8"
}
network_interface {
subnetwork = "${google_compute_subnetwork.my-custom-subnet.name}"
access_config {
// Ephemeral IP
}
}
service_account {
scopes = ["compute-rw"]
}
metadata_startup_script = "${file("startup.sh")}"
}
resource "google_compute_instance" "ilb-instance-4" {
name = "ilb-instance-4"
machine_type = "n1-standard-1"
zone = "${var.region_zone_2}"
tags = ["int-lb"]
disk {
image = "debian-cloud/debian-8"
}
network_interface {
subnetwork = "${google_compute_subnetwork.my-custom-subnet.name}"
access_config {
// Ephemeral IP
}
}
service_account {
scopes = ["compute-rw"]
}
metadata_startup_script = "${file("startup.sh")}"
}
resource "google_compute_instance_group" "us-ig1" {
name = "us-ig1"
instances = [
"${google_compute_instance.ilb-instance-1.self_link}",
"${google_compute_instance.ilb-instance-2.self_link}"
]
zone = "${var.region_zone}"
}
resource "google_compute_instance_group" "us-ig2" {
name = "us-ig2"
instances = [
"${google_compute_instance.ilb-instance-3.self_link}",
"${google_compute_instance.ilb-instance-4.self_link}"
]
zone = "${var.region_zone_2}"
}
resource "google_compute_health_check" "my-tcp-health-check" {
name = "my-tcp-health-check"
tcp_health_check {
port = "80"
}
}
resource "google_compute_region_backend_service" "my-int-lb" {
name = "my-int-lb"
health_checks = ["${google_compute_health_check.my-tcp-health-check.self_link}"]
region = "${var.region}"
backend {
group = "${google_compute_instance_group.us-ig1.self_link}"
}
backend {
group = "${google_compute_instance_group.us-ig2.self_link}"
}
}
resource "google_compute_forwarding_rule" "my-int-lb-forwarding-rule" {
name = "my-int-lb-forwarding-rule"
load_balancing_scheme = "INTERNAL"
ports = ["80"]
network = "${google_compute_network.my-custom-network.self_link}"
subnetwork = "${google_compute_subnetwork.my-custom-subnet.self_link}"
backend_service = "${google_compute_region_backend_service.my-int-lb.self_link}"
}
resource "google_compute_firewall" "allow-internal-lb" {
name = "allow-internal-lb"
network = "${google_compute_network.my-custom-network.name}"
allow {
protocol = "tcp"
ports = ["80", "443"]
}
source_ranges = ["10.128.0.0/20"]
target_tags = ["int-lb"]
}
resource "google_compute_firewall" "allow-health-check" {
name = "allow-health-check"
network = "${google_compute_network.my-custom-network.name}"
allow {
protocol = "tcp"
}
source_ranges = ["130.211.0.0/22","35.191.0.0/16"]
target_tags = ["int-lb"]
}
resource "google_compute_instance" "standalone-instance-1" {
name = "standalone-instance-1"
machine_type = "n1-standard-1"
zone = "${var.region_zone}"
tags = ["standalone"]
disk {
image = "debian-cloud/debian-8"
}
network_interface {
subnetwork = "${google_compute_subnetwork.my-custom-subnet.name}"
access_config {
// Ephemeral IP
}
}
}
resource "google_compute_firewall" "allow-ssh-to-standalone" {
name = "allow-ssh-to-standalone"
network = "${google_compute_network.my-custom-network.name}"
allow {
protocol = "tcp"
ports = ["22"]
}
target_tags = ["standalone"]
}

3
examples/google-internal-load-balancing/output.tf
View File

@ -1,3 +0,0 @@
output "internal_load_balancer_ip" {
value = "${google_compute_forwarding_rule.my-int-lb-forwarding-rule.ip_address}"
}

10
examples/google-internal-load-balancing/startup.sh
View File

@ -1,10 +0,0 @@
#! /bin/bash
apt-get update
apt-get install apache2 -y
a2ensite default-ssl
a2enmod ssl
service apache2 restart
INSTANCE_NAME=`curl -s -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/hostname | awk -F "." '{print $1}'`
ZONE=`curl -s -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/zone | awk -F "/" '{print $NF}'`
echo '<!doctype html><html><body><h1>'$INSTANCE_NAME'</h1></body></html>' | tee /var/www/html/index.html
gcloud compute instances delete-access-config $INSTANCE_NAME --zone $ZONE

5
examples/google-internal-load-balancing/terraform.tfvars.example
View File

@ -1,5 +0,0 @@
region = "us-central1"
region_zone = "us-central1-b"
region_zone2 = "us-central1-c"
project_name = "my-project-id-123"
credentials_file_path = "~/.gcloud/Terraform.json"

15
examples/google-internal-load-balancing/variables.tf
View File

@ -1,15 +0,0 @@
variable "region" {
default = "us-central1"
}
variable "region_zone" {
default = "us-central1-b"
}
variable "region_zone_2" {
default = "us-central1-c"
}
variable "project_name" {
description = "The ID of the Google Cloud project"
}

1
examples/google-two-tier/.gitignore vendored
View File

@ -1 +0,0 @@
terraform.tfvars

50
examples/google-two-tier/README.md
View File

@ -1,50 +0,0 @@
# Basic Two-Tier Architecture in Google Cloud
This provides a template for running a simple two-tier architecture on Google Cloud.
The premise is that you have stateless app servers running behind
a load balancer serving traffic.
To simplify the example, this intentionally ignores deploying and
getting your application onto the servers. However, you could do so either via
[startup script](http://terraform.io/docs/providers/google/r/compute_instance.html#metadata_startup_script) or
[provisioners](https://www.terraform.io/docs/provisioners/) and a configuration
management tool, or by pre-baking configured images with
[Packer](https://packer.io/docs/builders/googlecompute.html).
You will need to generate SSH keys as follows:
```sh
$ ssh-keygen -f ~/.ssh/gcloud_id_rsa
# press <Enter> when asked (twice) for a pass-phrase
```
Then [download your credentials from Google Cloud Console](https://www.terraform.io/docs/providers/google/#credentials); suggested path for downloaded file is `~/.gcloud/Terraform.json`.
Optionally update `variables.tf` to specify a default value for the `project_name` variable, and check other variables.
After you run `terraform apply` on this configuration, it will
automatically output the public IP address of the load balancer.
After your instance registers, the LB should respond with a simple header:
```html
<h1>Welcome to instance 0</h1>
```
The index may differ once you increase `count` of `google_compute_instance`
(i.e. provision more instances).
To run, configure your Google Cloud provider as described in
https://www.terraform.io/docs/providers/google/index.html
Run with a command like this:
```
terraform apply \
-var="region=us-central1" \
-var="region_zone=us-central1-f" \
-var="project_name=my-project-id-123" \
-var="credentials_file_path=~/.gcloud/Terraform.json" \
-var="public_key_path=~/.ssh/gcloud_id_rsa.pub" \
-var="private_key_path=~/.ssh/gcloud_id_rsa"
```

96
examples/google-two-tier/main.tf
View File

@ -1,96 +0,0 @@
# See https://cloud.google.com/compute/docs/load-balancing/network/example
provider "google" {
region = "${var.region}"
project = "${var.project_name}"
credentials = "${file("${var.credentials_file_path}")}"
}
resource "google_compute_http_health_check" "default" {
name = "tf-www-basic-check"
request_path = "/"
check_interval_sec = 1
healthy_threshold = 1
unhealthy_threshold = 10
timeout_sec = 1
}
resource "google_compute_target_pool" "default" {
name = "tf-www-target-pool"
instances = ["${google_compute_instance.www.*.self_link}"]
health_checks = ["${google_compute_http_health_check.default.name}"]
}
resource "google_compute_forwarding_rule" "default" {
name = "tf-www-forwarding-rule"
target = "${google_compute_target_pool.default.self_link}"
port_range = "80"
}
resource "google_compute_instance" "www" {
count = 3
name = "tf-www-${count.index}"
machine_type = "f1-micro"
zone = "${var.region_zone}"
tags = ["www-node"]
disk {
image = "ubuntu-os-cloud/ubuntu-1404-trusty-v20160602"
}
network_interface {
network = "default"
access_config {
# Ephemeral
}
}
metadata {
ssh-keys = "root:${file("${var.public_key_path}")}"
}
provisioner "file" {
source = "${var.install_script_src_path}"
destination = "${var.install_script_dest_path}"
connection {
type = "ssh"
user = "root"
private_key = "${file("${var.private_key_path}")}"
agent = false
}
}
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
private_key = "${file("${var.private_key_path}")}"
agent = false
}
inline = [
"chmod +x ${var.install_script_dest_path}",
"sudo ${var.install_script_dest_path} ${count.index}",
]
}
service_account {
scopes = ["https://www.googleapis.com/auth/compute.readonly"]
}
}
resource "google_compute_firewall" "default" {
name = "tf-www-firewall"
network = "default"
allow {
protocol = "tcp"
ports = ["80"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["www-node"]
}

7
examples/google-two-tier/output.tf
View File

@ -1,7 +0,0 @@
output "pool_public_ip" {
value = "${google_compute_forwarding_rule.default.ip_address}"
}
output "instance_ips" {
value = "${join(" ", google_compute_instance.www.*.network_interface.0.access_config.0.assigned_nat_ip)}"
}

8
examples/google-two-tier/scripts/install.sh
View File

@ -1,8 +0,0 @@
#!/bin/bash -xe
RESOURCE_INDEX=$1
apt-get -y update
apt-get -y install nginx
IP=$(curl -s -H "Metadata-Flavor:Google" http://metadata/computeMetadata/v1/instance/network-interfaces/0/ip)
echo "Welcome to Resource ${RESOURCE_INDEX} - ${HOSTNAME} (${IP})" > /usr/share/nginx/html/index.html
service nginx start

6
examples/google-two-tier/terraform.tfvars.example
View File

@ -1,6 +0,0 @@
region = "us-central1"
region_zone = "us-central1-a"
project_name = "my-project-id-123"
credentials_file_path = "~/.gcloud/Terraform.json"
public_key_path = "~/.ssh/gcloud_id_rsa.pub"
private_key_path = "~/.ssh/gcloud_id_rsa"

36
examples/google-two-tier/variables.tf
View File

@ -1,36 +0,0 @@
variable "region" {
default = "us-central1"
}
variable "region_zone" {
default = "us-central1-f"
}
variable "project_name" {
description = "The ID of the Google Cloud project"
}
variable "credentials_file_path" {
description = "Path to the JSON file used to describe your account credentials"
default = "~/.gcloud/Terraform.json"
}
variable "public_key_path" {
description = "Path to file containing public key"
default = "~/.ssh/gcloud_id_rsa.pub"
}
variable "private_key_path" {
description = "Path to file containing private key"
default = "~/.ssh/gcloud_id_rsa"
}
variable "install_script_src_path" {
description = "Path to install script within this repository"
default = "scripts/install.sh"
}
variable "install_script_dest_path" {
description = "Path to put the install script on each destination resource"
default = "/tmp/install.sh"
}