Deploy Google Cloud resources with Terraform
Terraform is an infrastructure as code (IaC) tool that helps deploy infrastructure resources on public cloud platforms such as AWS, Azure, GCP, Oracle Cloud, Ali Cloud etc., with support for a few private clouds as well. In this blog post, we'll explore how to deploy GCP resources through Terraform.
Pre-requisites:
- Terraform Binary
- Google Cloud SDK
- VS Code or any other code editor
- GCP Service account & project
First, you need to set up the project in the Google Cloud console. If you don't have one, create a new project from IAM & Admin, then click Create to create the project.
Make a note of the project ID, since you'll need it in the Google provider block in Terraform. Set up a service account with the Service Account Admin permission. Next, start creating the Terraform configuration file. For this post, let's provision a GKE node pool cluster. Here is the Terraform configuration for the gke_node_pool.tf file.
# Dedicated service account that the GKE nodes run as
resource "google_service_account" "default" {
  account_id   = var.service_account_id
  display_name = var.service_display_name
}

# Cluster without the default node pool; the single initial node is
# removed once the cluster exists
resource "google_container_cluster" "primary" {
  name                     = var.primary_cluster_name
  location                 = var.primary_cluster_location
  remove_default_node_pool = true
  initial_node_count       = 1
}

# Separately managed node pool of preemptible nodes
resource "google_container_node_pool" "primary_preemptible_nodes" {
  name       = var.node_pool_cluster_name
  cluster    = google_container_cluster.primary.id
  node_count = 1

  node_config {
    preemptible     = true
    machine_type    = "e2-medium"
    service_account = google_service_account.default.email
    oauth_scopes = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
  }
}
In the provider block, make sure to specify the GCP project ID, not the project name. You can also authenticate to Google Cloud before the Terraform deployment with these commands:
gcloud auth application-default login
gcloud config set project "$project_id"
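The provider block and variable declarations that gke_node_pool.tf relies on, plus IAM bindings for the node service account, as an added example that is not part of the original post or its repo. The variable names are the ones the configuration above references; the types, the project ID validation rule and the list of roles are assumptions, and the file is meant to sit in the same directory as gke_node_pool.tf.

```hcl
# Added example (not from the original post). Variable names come from the
# page; the types, validation rule and role list are assumptions.
terraform {
  required_providers {
    google = { source = "hashicorp/google" }
  }
}

variable "project_id" {
  type        = string
  description = "GCP project ID, as shown in the console next to the project name"

  validation {
    # Project IDs: 6-30 chars, lowercase letters, digits and hyphens.
    condition     = can(regex("^[a-z][a-z0-9-]{4,28}[a-z0-9]$", var.project_id))
    error_message = "Set project_id to the GCP project ID, not the project name or number."
  }
}

variable "service_account_id" { type = string }
variable "service_display_name" { type = string }
variable "primary_cluster_name" { type = string }
variable "primary_cluster_location" { type = string }
variable "node_pool_cluster_name" { type = string }

provider "google" {
  project = var.project_id
}

# The cloud-platform scope on the nodes does not restrict anything by itself:
# what a node can reach is decided by the IAM roles of its service account.
# Grant only the roles nodes need to ship logs and metrics.
locals {
  node_sa_roles = [
    "roles/logging.logWriter",
    "roles/monitoring.metricWriter",
    "roles/monitoring.viewer",
    "roles/stackdriver.resourceMetadata.writer",
  ]
}

resource "google_project_iam_member" "node_sa" {
  for_each = toset(local.node_sa_roles)
  project  = var.project_id
  role     = each.value
  member   = "serviceAccount:${google_service_account.default.email}"
}
```

Running terraform plan with a project name in project_id fails at the validation step instead of partway through the apply.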
Once the GKE cluster is deployed, it appears as follows in the Kubernetes cluster section of the Google Cloud dashboard.
Parameters such as gke_cluster_name, location, region, service_endpoint etc. are immutable for a cluster, as are networking features such as the VPC, subnet details, cluster pod address ranges, service address ranges, confidential GKE nodes, metadata etc.
You can click the “Connect” button on the GKE cluster in the GCP portal and copy the kubectl command-line access commands in order to connect to the GKE cluster. You may paste the following nginx YAML manifest to deploy into the GKE cluster.
apiVersion: v1
kind: Pod
metadata:
  name: nginx-demo
  labels:
    name: nginx-demo
spec:
  containers:
    - image: marketplace.gcr.io/google/nginx1
      name: nginx
Additionally, you can open the GKE monitoring dashboard to view the overall cluster health status, the health report of each individual node, CPU, memory and storage/disk capacity by namespace and workload type, container restarts, error logs, and CPU/memory/disk utilization down to the pod and container level.
You may drill down further to metrics for container CPU, memory, ephemeral storage, pod and container network ingress and egress, pod volume, alerts, logging, events etc.
The sample terraform configurations for the gcloud resources are committed in the following GitHub repo for reference.