Introduction
In the previous article, I introduced some basic concepts about Terraform, as well as the advantages of using Terraform. If you’re not familiar with it yet, take a look to get some basic knowledge before diving into the next topics.
In this article, I will guide you through writing Terraform files to deploy a Virtual Machine (VM) instance to the Google Cloud Platform.
Creating a Service Account
If you already have a Google Cloud account with the necessary permissions, you can log in to work with Terraform as I instructed in the previous article. However, if for some reason you can’t log in, or if you need a better authentication method, you can create a Service Account to use.
In simple terms, a Google Cloud account is allowed to create Service Accounts. Each Service Account is assigned roles, and each role has corresponding permissions allowing the Service Account to perform specific tasks based on permissions.
To create a Service Account, use the following command:
–display-name={account display name}
–project={project id}
Next, create a JSON-formatted key file:
# –iam-account={service account username}@{project id}.iam.gserviceaccount.com
# –project={project id}
# ex:
gcloud iam service-accounts keys create ./service-account.json
–iam-account={service account username}@{project id}.iam.gserviceaccount.com
–project={project id}
After executing this command, a file named service-account.json will be created for us to use in the Terraform project.
Setting up roles for the Service Account
–member=serviceAccount:{service account username}@{project id}.iam.gserviceaccount.com
–role=roles/{role}
Here, to have management rights in Compute Engine, you need to set the role to –role=roles/compute.admin.
Creating a Terraform Project
First, create a file named provider.tf to define the cloud provider and information about credentials.
required_providers {
google = {
source = “hashicorp/google”
version = “5.18.0”
}
}
}
provider “google” {
credentials = file(“${path.module}/service-account.json”)
project = var.projectId
region = var.region
}
Here, use the service-account.json file created from the Service Account initialization step.
Next, create the variables.tf file.
type = string
}
variable “region” {
type = string
description = “Region”
}
variable “zone” {
type = string
description = “Zone”
}
variable “computeInstanceName” {
type = string
description = “Compute Instance Name”
}
variable “machineType” {
type = string
description = “Machine Type”
}
Create the terraform.tfvars file to define default values. You can modify the values according to your needs.
region = “asia-southeast1”
zone = “asia-southeast1-a”
computeInstanceName = “compute-instance-name”
machineType = “e2-micro”
Finally, create the main.tf file to initialize the compute instance as follows:
name = var.computeInstanceName
machine_type = var.machineType
zone = var.zone
tags = [“http-server”, “https-server”]
boot_disk {
initialize_params {
image = “debian-cloud/debian-10”
}
}
network_interface {
network = “default”
}
}
Execute the Terraform command
Then, execute the following commands one by one to apply the configuration to Google Cloud.
# This command initializes a working directory containing Terraform configuration files
terraform init
# This command executes the actions proposed in a Terraform plan
terraform apply
Once you see the result as follows, the VM instance has been successfully initialized:
SSH Connection
I will guide you through two simple ways to connect via SSH:
1. Using Cloud Shell:
On the Google Cloud web page UI, simply click on the SSH icon to connect.
2. Using the gcloud terminal:
Another way to directly connect via SSH from your local machine is by using the following gcloud command:
If you want to view a list of existing compute instances, use the following command:
If you found value in this post, show your appreciation by sharing and commenting!
If you found this content helpful, please visit the original article on my blog to support the author and explore more interesting content.
