Deploying Resources to GCP with Terraform

Course

Broadus Palmer

Google Cloud Training Architect

Length

06:28:31

Difficulty

Intermediate

Videos

22

Hands-on Labs

5

Course Details

This course demonstrates how to create and manage projects and resources on Google Cloud Platform with Terraform. With Terraform, many of your resources — such as projects, IAM policies, networks, and Compute Engine instances — can be managed, versioned, and easily recreated for your organization or teams. The state that Terraform generates is saved to Google Cloud Storage for persistence.

Syllabus

Course Introduction

Getting Started

Course Introduction

00:01:16

Lesson Description:

In this lesson, we talk more about what we will learn in this course.

About the Training Architect

00:00:44

Lesson Description:

This lesson provides an introduction to the course author, Broadus Palmer.

Terraform

Overview

What Is Terraform?

00:02:16

Lesson Description:

In this lesson, we go over the basics of Terraform, providing the foundational knowledge you’ll need as we delve further into the course.

How Does Terraform Differ from Google Deployment Manager?

00:02:33

Lesson Description:

In this video, we go over some key differences between Terraform and Google Deployment Manager. We will look at the benefits of both as well as how they are both useful for deployments in GCP.

Why You Should Use Terraform to Manage GCP

00:02:01

Lesson Description:

In this lesson, we go over why Terraform is important to use in today's DevOps practices.

Creating Your Terraform Admin Project

Installing Terraform

00:05:02

Lesson Description:

In this lesson, we install Terraform on our local CentOS 7 machine and install the Google Cloud SDK.

Link to download: https://www.terraform.io/downloads.html

Google Cloud SDK Quickstart script:

sudo tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOM
[google-cloud-sdk]
name=Google Cloud SDK
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM
sudo yum install google-cloud-sdk

Creating the Terraform Project and Service Account

00:06:05

Lesson Description:

In this lesson, we create a service account and configuration file for our GCP environment through Terraform.

How to copy the key from your local machine to the Linux Academy server:

scp terraform-key.json cloud_user@'ipaddress':~

The environment I'm using locally is macOS.

Template:

provider "google" {
  version = "3.5.0"

  credentials = file("<NAME>.json")

  project = "<PROJECT_ID>"
  region  = "us-central1"
  zone    = "us-central1-c"
}

resource "google_compute_network" "vpc_network" {
  name = "terraform-network"
} 

Enabling APIs

00:02:01

Lesson Description:

In this lesson, we enable a few APIs that will help us connect to services within our environment.

Setting Up Remote State in Cloud Storage

00:06:47

Lesson Description:

In this lesson, we set up a remote state for Terraform in Google Cloud Storage. Template:

provider "google" {
  version = "3.5.0"

  credentials = file("terraform-key.json")

  project = "<PROJECT_ID>"
  region  = "<REGION>"
  zone    = "<ZONE>"
}

resource "google_compute_network" "vpc_network" {
  name = "new-terraform-network"
}

terraform {
  backend "gcs" {
    bucket = "tf-state-prod"
    prefix = "terraform/state"
  }
}

Terraform `init`, `plan`, and `apply`

Understanding `terraform init`

00:03:54

Lesson Description:

In this lesson, we go over the power of using terraform init.

Template:

provider "google" {
  version = "3.5.0"
  credentials = file("<NAME>.json")
  project = "<PROJECT_ID>"
  region  = "us-central1"
  zone    = "us-central1-c"
}
resource "google_compute_network" "vpc_network" {
  name = "terraform-network"
}

terraform {
  backend "gcs" {
    bucket  = "tf-state-prod"
    prefix  = "terraform/state"
  }
}

Understanding `terraform plan`

00:05:01

Lesson Description:

In this lesson, we learn more about terraform plan and use it in our terminal.

Understanding `terraform apply`

00:03:59

Lesson Description:

In this lesson, we go over how and when to use terraform apply.

Understanding `terraform output`

00:05:34

Lesson Description:

In this lesson, we are going to talk about terraform output and how it works. Template:

resource "google_compute_instance" "vm_instance" {
  name         = "terraform-instance"
  machine_type = "f1-micro"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    network = google_compute_network.vpc_network.name

    access_config {
      nat_ip = google_compute_address.static_ip.address
    }
  }
}

resource "google_compute_address" "static_ip" {
  name = "terraform-static-ip"
}

Output template:

output "ip" {
  value = google_compute_address.static_ip.address
}

Using Terraform to Create a New Project

Using Terraform Modules

00:04:16

Lesson Description:

In this lesson, we learn more about modules and how you can use them to repurpose your configuration files.

Module to Use for the Lesson:

module "network" {
  source  = "terraform-google-modules/network/google"
  version = "2.0.2"

  network_name = "terraform-vpc-network"
  project_id   = var.project

  subnets = [
    {
      subnet_name   = "subnet-01"
      subnet_ip     = var.cidrs
      subnet_region = var.region

    },
  ]

  secondary_ranges = {
    subnet-01 = []

  }
}

Using Terraform to Create a New VPC

Defining Your Network Variables

00:04:55

Lesson Description:

In this lesson, we define our network variables in our main.tf file.

Template to Download:

module "network" {
  source  = "terraform-google-modules/network/google"
  version = "1.1.0"
  network_name = "terraform-vpc-network"
  project_id   = "<PROJECT_ID>"

  subnets = [
    {
      subnet_name   = "subnet-01"
      subnet_ip     = "<SUBNET_CIDR>"
      subnet_region = "<REGION>"
    },
  ]

  secondary_ranges = {
    subnet-01 = []
  }
}

Here is the variable.tf template:

variable "project" {
  default = "<PROJECT_ID>"
}

variable "region" {
  default = "us-central1" 
}

variable "zone"  {
  default = "us-central1-c"
}

# Named to match the var.cidrs reference used in the network module
variable "cidrs" {
  default = "10.0.0.0/16"
}

Creating Firewalls and Associated Rules

00:03:28

Lesson Description:

In this lesson, we go over how to use a firewall module to create firewall rules.

Template:

module "network" {
  source  = "terraform-google-modules/network/google"
  version = "2.0.2"

  network_name = "terraform-vpc-network"
  project_id   = var.project

  subnets = [
    {
      subnet_name   = "subnet-01"
      subnet_ip     = var.cidrs
      subnet_region = var.region

    },
  ]

  secondary_ranges = {
    subnet-01 = []
    
  }
}
    
module "network_fabric-net-firewall" {
  source  = "terraform-google-modules/network/google//modules/fabric-net-firewall"
  version = "1.1.0"
  project_id              = "<PROJECT_ID>"
  network                 = "<NETWORK_NAME>"
  internal_ranges_enabled = true
  internal_ranges         = ["<INTERNAL_CIDR>"]
}

Defining Public and Private Subnets

00:05:20

Lesson Description:

In this lesson, we explore how to create subnets and routes within our main.tf file.

Template:

module "network" {
  source  = "terraform-google-modules/network/google"
  version = "1.1.0"
  network_name = "my-vpc-network"
  project_id   = var.project

  subnets = [
    {
      subnet_name   = "subnet-01"
      subnet_ip     = var.cidrs
      subnet_region = var.region

    },
  ]

  secondary_ranges = {
    subnet-01 = []
    
  }
}

module "network_routes" {
  source       = "terraform-google-modules/network/google//modules/routes"
  version      = "2.1.1"
  network_name = module.network.network_name
  project_id   = var.project

  routes = [
    {
      name              = "egress-internet"
      description       = "route through IGW to access internet"
      destination_range = "0.0.0.0/0"
      tags              = "egress-inet"
      next_hop_internet = "true"
    },
  ]
}
    
module "network_fabric-net-firewall" {
  source  = "terraform-google-modules/network/google//modules/fabric-net-firewall"
  version = "1.1.0"
  project_id              = var.project
  network                 = module.network.network_name
  internal_ranges_enabled = true
  internal_ranges         = ["10.0.0.0/16"]

}

Using Terraform to Create Compute Engine Instances

Defining Your Instance Variables

00:05:19

Lesson Description:

In this lesson, we look at defining Compute Engine instance variables to configure and deploy your infrastructure.

Template:

provider "google" {
  version = "3.5.0"

  credentials = file("terraform-key.json")

  project = ""
  region = ""
  zone = ""
}

resource "google_compute_network" "vpc_network" {
  name = "new-terraform-network"
}

resource "google_compute_instance" "vm_instance" {
  name         = ""
  machine_type = ""
  tags         = ["<TAG>"]
  zone         = ""

  boot_disk {
    initialize_params {
      image = "centos-cloud/centos-7"
    }
  }

  network_interface {
    network = "<NETWORK_NAME>"

    access_config {
    }
  }
}

resource "google_compute_firewall" "default" {
  name    = "test-firewall"
  network = google_compute_network.vpc_network.name

  allow {
    protocol = "icmp"
  }

  allow {
    protocol = "tcp"
    ports    = ["80", "8080", "1000-2000"]
  }

  # A packet matches if it comes from a "web"-tagged instance OR from
  # source_ranges; 0.0.0.0/0 admits any source address.
  source_tags   = ["web"]
  source_ranges = ["0.0.0.0/0"]
}

Setting Up Startup Script

00:04:53

Lesson Description:

In this lesson, we cover how to use a startup script to download a web server on your instance.

Script:

metadata_startup_script = file("startup.sh")

Using Terraform to Auto Scale and Load Balance the Managed Instance Groups

Defining Your Auto Scaling and Load Balancing Variables

00:08:25

Lesson Description:

In this lesson, we define our auto scaling and load balancing variables. Then, we execute our plan.

Auto Scaling Configuration Template:

provider "google" {
  version = "3.5.0"

  credentials = file("terraform-key.json")

  project = var.project
  region  = "us-central1"
  zone    = "us-central1-c"
}

resource "google_compute_network" "vpc_network" {
  name = "new-terraform-network"
}
resource "google_compute_autoscaler" "foobar" {
  name   = "my-autoscaler"
  project = var.project
  zone   = "us-central1-c"
  target = google_compute_instance_group_manager.foobar.self_link

  autoscaling_policy {
    max_replicas    = 5
    min_replicas    = 1
    cooldown_period = 60

    cpu_utilization {
      target = 0.5
    }
  }
}

resource "google_compute_instance_template" "foobar" {
  name           = "my-instance-template"
  machine_type   = "n1-standard-1"
  can_ip_forward = false
  project = var.project
  tags = ["foo", "bar", "allow-lb-service"]

  disk {
    source_image = data.google_compute_image.centos_7.self_link
  }

  network_interface {
    network = "default"
  }

  metadata = {
    foo = "bar"
  }

  service_account {
    scopes = ["userinfo-email", "compute-ro", "storage-ro"]
  }
}

resource "google_compute_target_pool" "foobar" {
  name = "my-target-pool"
  project = var.project
  region = var.region
}

resource "google_compute_instance_group_manager" "foobar" {
  name = "my-igm"
  zone = "us-central1-c"
  project = var.project
  version {
    instance_template  = google_compute_instance_template.foobar.self_link
    name               = "primary"
  }

  target_pools       = [google_compute_target_pool.foobar.self_link]
  base_instance_name = "terraform"
}

data "google_compute_image" "centos_7" {
  family  = "centos-7"
  project = "centos-cloud"
}

Load Balancer Module:

module "lb" {
  source  = "GoogleCloudPlatform/lb/google"
  version = "2.2.0"
  region       = var.region
  name         = "load-balancer"
  service_port = 80
  target_tags  = ["my-target-pool"]
  network      = google_compute_network.vpc_network.name
}

Cleaning Up

Destroying Resources Using Terraform

00:03:14

Lesson Description:

In this lesson, we go over how to use terraform destroy to destroy all resources within our configuration file.

Course Conclusion

Final Steps

What's Next?

00:01:18

Lesson Description:

Learn what's next for you with this lesson.
