cloud engineer
by Ulysses
Here’s how to add userdata in Terraform.
    user_data = filebase64("${path.module}/example.sh")
by Ulysses
How to implement image family with Terraform in GCP.
Declare the machine image in terraform.tfvars.
    image-family = "centos-7"
Declare a data source for the machine image in main.tf.

    data "google_compute_image" "my_image" {
      family  = var.image-family
      project = "your-project-id"
    }
In main.tf, reference the image in the boot_disk section of the “google_compute_instance” resource.

    boot_disk {
      initialize_params {
        image = data.google_compute_image.my_image.self_link
      }
    }
by Ulysses
If you use Terraform and Sublime Text, add Terraform Syntax Highlighter using Package Control.
Press Ctrl+Shift+P or Cmd+Shift+P.
Select “Package Control: Install package”.
Select “Terraform”.
It should install in a few seconds.
by Ulysses
Run Terraform in a Docker container.
    docker run --rm -it --name terraform \
      -v ~/.aws:/root/.aws \
      -v $(pwd):/workspace -w /workspace \
      hashicorp/terraform:latest
Create an alias.
    alias terraform='docker run --rm -it --name terraform -v ~/.aws:/root/.aws -v $(pwd):/workspace -w /workspace hashicorp/terraform:latest'
Run the command.

    terraform --version
    Terraform v1.0.2
    on linux_amd64
by Ulysses
How to create GCP firewall via Terraform.
Ingress
    provider "google" {
      project = "project-id"
    }

    resource "google_compute_firewall" "default" {
      name        = "test-firewall"
      description = "this is a test firewall"
      priority    = "1000"
      direction   = "INGRESS"
      # network takes the name or self_link of a VPC network, not a subnetwork
      network                 = "projects/project-id/global/networks/default"
      target_service_accounts = ["service-account-compute@developer.gserviceaccount.com"]
      source_ranges           = ["10.128.0.0/20"]

      allow {
        protocol = "tcp"
        ports    = ["80", "8080", "1000-2000"]
      }
    }
Egress
    provider "google" {
      project = "project-id"
    }

    resource "google_compute_firewall" "default" {
      name        = "test-firewall"
      description = "this is a test firewall"
      priority    = "1000"
      direction   = "EGRESS"
      # network takes the name or self_link of a VPC network, not a subnetwork
      network                 = "projects/project-id/global/networks/default"
      target_service_accounts = ["service-account-compute@developer.gserviceaccount.com"]
      destination_ranges      = ["10.128.0.0/20"]

      allow {
        protocol = "tcp"
        ports    = ["80", "8080", "1000-2000"]
      }
    }
Service account to Service account.
    provider "google" {
      project = "project-id"
    }

    resource "google_compute_firewall" "default" {
      name        = "test-firewall"
      description = "this is a test firewall"
      priority    = "1000"
      direction   = "INGRESS"
      # network takes the name or self_link of a VPC network, not a subnetwork
      network                 = "projects/project-id/global/networks/default"
      source_service_accounts = ["source-service-account-compute@developer.gserviceaccount.com"]
      target_service_accounts = ["target-service-account-compute@developer.gserviceaccount.com"]
      # When set together with source_service_accounts, traffic matching
      # either the CIDR range or the source service account is allowed.
      source_ranges = ["10.128.0.0/20"]

      allow {
        protocol = "tcp"
        ports    = ["80", "8080", "1000-2000"]
      }
    }
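As a pre-apply check for the three rules above, this added example (not part of the original post) audits `google_compute_firewall` entries in the JSON form of a plan, as produced by `terraform show -json`. The sample plan is constructed, and `MAX_PORT_SPAN`, `port_span` and `audit_firewalls` are assumed names; the first check reflects that GCP allows traffic matching `source_ranges` OR `source_service_accounts` when both are set.

```python
import ipaddress
import json

# Constructed sample of `terraform show -json <planfile>` output for the rule above.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [{
  "address": "google_compute_firewall.default",
  "type": "google_compute_firewall",
  "change": {"actions": ["create"], "after": {
    "name": "test-firewall", "direction": "INGRESS",
    "source_ranges": ["10.128.0.0/20"],
    "source_service_accounts": ["source-service-account-compute@developer.gserviceaccount.com"],
    "target_service_accounts": ["target-service-account-compute@developer.gserviceaccount.com"],
    "allow": [{"protocol": "tcp", "ports": ["80", "8080", "1000-2000"]}]}}}]}
""")
MAX_PORT_SPAN = 100  # assumption: local policy limit for a single port range


def port_span(spec):
    """Number of ports covered by a spec such as 80 or 1000-2000."""
    low, _, high = spec.partition("-")
    return int(high or low) - int(low) + 1


def audit_firewalls(plan):
    """Return (address, finding) pairs for planned google_compute_firewall rules."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "google_compute_firewall" or not after:
            continue  # other resource types, or a delete (after is null)
        addr = rc["address"]
        ingress = (after.get("direction") or "INGRESS") == "INGRESS"
        ranges = after.get("source_ranges" if ingress else "destination_ranges") or []
        if ingress and ranges and after.get("source_service_accounts"):
            findings.append((addr, "source_ranges is ORed with source_service_accounts"))
        for cidr in ranges:
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append((addr, f"open to any address: {cidr}"))
        if not (after.get("target_service_accounts") or after.get("target_tags")):
            findings.append((addr, "no target set: applies to every instance in the network"))
        for rule in after.get("allow") or []:
            ports = rule.get("ports") or []
            if not ports and rule.get("protocol") in ("tcp", "udp", "all"):
                findings.append((addr, f"{rule.get('protocol')}: no port restriction"))
            for spec in ports:
                if port_span(spec) > MAX_PORT_SPAN:
                    findings.append((addr, f"wide port range {spec}"))
    return findings
```

Run against the sample, `audit_firewalls(SAMPLE_PLAN)` reports the OR-combined source fields and the 1000-2000 port range.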
by Ulysses
I have an AMI with docker installed. Here’s how I launch a spot instance using Terraform.
Here’s my Terraform script.
    terraform {
      required_providers {
        aws = {
          source = "hashicorp/aws"
        }
      }
    }

    provider "aws" {
      profile = "default"
      region  = "us-east-1"
    }

    resource "aws_spot_instance_request" "docker" {
      ami                  = "ami-xxxxxxxxxxxxxxxx"
      spot_price           = "0.0031"
      wait_for_fulfillment = "true"
      key_name             = "servers"
      instance_type        = "t3.micro"
      subnet_id            = "subnet-xxxxxxxxxxxxxxxx"
      # In a VPC subnet, security group IDs go in vpc_security_group_ids
      vpc_security_group_ids      = ["sg-xxxxxxxxxxxxxxxxxx"]
      associate_public_ip_address = "true"
      # Runs once at first boot to set the hostname
      user_data = <<-EOF
        #!/bin/bash
        hostnamectl set-hostname docker
      EOF
      tags = {
        Name = "docker-0.1"
      }
    }

    # Tags on the spot request are not copied to the instance, so tag it directly
    resource "aws_ec2_tag" "tagging" {
      resource_id = aws_spot_instance_request.docker.spot_instance_id
      key         = "Name"
      value       = "docker-0.1"
    }
I use “aws_ec2_tag” resource to tag the instance properly.
In addition, I use user_data to run a script, to set the hostname.
To launch via Terraform, I run the following commands.
    terraform init
    terraform apply
When done, I could stop the instance to stop incurring charges. Or just simply destroy it via Terraform.
    terraform destroy
It’s not a bad deal for an instance that costs only $0.0031 per hour.
by Ulysses
Here’s a Terraform script for launching an instance in Google Cloud Platform.
    provider "google" {
      project = "project-id"
      region  = "us-central1"
      zone    = "us-central1-a"
    }

    resource "google_compute_instance" "wiki" {
      name         = "wiki"
      machine_type = "n2-standard-1"
      zone         = "us-central1-a"
      tags         = ["web-server"]
      labels = {
        name        = "wiki"
        environment = "development"
      }

      boot_disk {
        initialize_params {
          image = "centos-7-v20210122"
        }
      }

      network_interface {
        network = "default"
        access_config {
        }
      }

      service_account {
        email  = "service-account@email.com"
        scopes = ["cloud-platform"]
      }
    }
Here are a few Terraform commands.

    terraform init
    terraform plan
    terraform apply
    terraform destroy
by Ulysses
Here’s how to launch a Lightsail instance using Terraform. Create a main.tf file.

    terraform {
      required_providers {
        aws = {
          version = ">= 3.22.0"
          source  = "hashicorp/aws"
        }
      }
    }

    provider "aws" {
      profile = "default"
      region  = "us-east-1"
    }

    resource "aws_lightsail_instance" "yourinstance" {
      name              = "yourinstance"
      availability_zone = "us-east-1a"
      blueprint_id      = "amazon_linux_2"
      bundle_id         = "nano_2_0"
    }
To launch, run the following Terraform commands.
    terraform init
    terraform apply