Skip to content
This repository has been archived by the owner on Mar 4, 2022. It is now read-only.

mazgi-showcase/202005.gce-webapp-environment

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Dockerfile.d/provisioning
Dockerfile.d/provisioning
 
 
config/credentials
config/credentials
 
 
docs/images
docs/images
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app.certificate.tf
app.certificate.tf
 
 
app.firewall.tf
app.firewall.tf
 
 
app.instance-group.tf
app.instance-group.tf
 
 
app.instance.tf
app.instance.tf
 
 
app.load-balancer.tf
app.load-balancer.tf
 
 
cloud-armor.tf
cloud-armor.tf
 
 
cloud_sql.tf
cloud_sql.tf
 
 
dns.tf
dns.tf
 
 
docker-compose.yml
docker-compose.yml
 
 
how-to-check-the-provisioned-environment.md
how-to-check-the-provisioned-environment.md
 
 
locals.tf
locals.tf
 
 
nat_gateway.instance.tf
nat_gateway.instance.tf
 
 
nat_gateway.routes.tf
nat_gateway.routes.tf
 
 
outputs.tf
outputs.tf
 
 
redis.tf
redis.tf
 
 
step.instance.tf
step.instance.tf
 
 
step.metadata_startup_script.template.sh
step.metadata_startup_script.template.sh
 
 
step.service-account.tf
step.service-account.tf
 
 
step.ssh_private_keys.tf
step.ssh_private_keys.tf
 
 
terraform.tf
terraform.tf
 
 
user.ssh-pubkeys.tf
user.ssh-pubkeys.tf
 
 
variable.tf
variable.tf
 
 
vpc.tf
vpc.tf
 
 

Repository files navigation

Google Compute Engine Web App Environment

What is this?

This repository is a provisioning example of the Google Cloud Platform to serve a traditional Web Application.

The example provision the system as composed below resources by Terraform.

  • Cloud DNS
  • Cloud Load Balancing
  • Cloud Armor
  • Compute Engine
  • Cloud SQL for MySQL
  • Memorystore for Redis

overview

Prepare

1. Create Google Cloud service account and generate the key

You need a Google Cloud service account that has roles as below.

  • Owner
  • Storage Admin

If you don't have any service account, you should create a new one.
If your service account has not the above roles, you should add the roles.

gcp-console.service-account

Place GCP service account key as a JSON formatted file at config/credentials/google-cloud-keyfile.json.

If you use 1Password, you can get the file like below command.

op get document YOUR-DOCUMENT-NAME > config/credentials/google-cloud-keyfile.json

To get more information about Google Cloud service account and service account key, see:

2. Create .env file

Create a text file as named .env like below.

# UID=1000 # only needs on Linux/UNIX
# GID=100 # only needs on Linux/UNIX
CLOUDSDK_CORE_PROJECT=YOUR-GCP-PROJECT-NAME
TF_VAR_gcp_project_id=YOUR-GCP-PROJECT-NAME
PROJECT_UNIQUE_ID=YOUR-UNIQUE-STRING
TF_VAR_project_unique_id=YOUR-UNIQUE-STRING
TF_VAR_basename=YOUR-STRING-FOR-PREFIX
TF_VAR_basedomain=your-delegatable-domain.example.com
TF_VAR_ip_cidr_range=10.0.0.0/24
TF_VAR_cidr_blocks_allow_http=["0.0.0.0/0"]
TF_VAR_cidr_blocks_allow_http_restricted=["0.0.0.0/0"]
TF_VAR_cidr_blocks_allow_ssh=["0.0.0.0/0"]
TF_VAR_cloud_sql_root_password=A-PASSWORD-YOU-DECIDED
TF_VAR_cloud_sql_reader_password=A-PASSWORD-YOU-DECIDED
TF_VAR_cloud_sql_writer_password=A-PASSWORD-YOU-DECIDED
TF_VAR_github_accounts_for_ssh=["your-github-account-name"]

3. Place user SSH public keys

Download user SSH public keys from GitHub like below commands.
The public keys are used for SSH login to the step servers.

mkdir -p tmp/users-keys/mazgi
curl -L github.com/mazgi.keys > tmp/users-keys/mazgi/pubkeys.txt

Provisioning

docker-compose up provisioning
docker-compose run provisioning terraform apply

You get outputs like below if your terraform apply command succeeded.
You should delegate the sub-domain with name_servers values you get.

terraform-outputs

Test

See How to check the provisioned environment.

Links

About

No description or website provided.

Topics

terraform example google-cloud-platform

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages