Terraform with GCP (Google Cloud Platform)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi developers let's learn how to use t refer to provision resources in Google cloud platform GCP will try to create a virtual machine instance and a network VPC for that we'll explore the different terraform commands like the terraform in it to download the provider needed to come to communicate with the rest api of the Google cloud platform then we will try to use the T reform plan which will give us an overview of the changes that will be applied to the GCP cloud after that when we are ready to apply those changes we can apply them using the command T reform apply and at the end of the demo if we want to delete all the created resources then we can use the command terraform destroy so let's get started here we'll be creating a compute instance virtual machine and an addition to that will be also creating a compute network or VPC network on Google cloud platform here I have the terraform configuration files that will connect to my project on Google cloud platform then I have here the two resources that I want to create the first one is the Google compute instance this one will be called VM instance it will have the name terraform instance and the offer for the virtual machine will be the f1 micro and this is the smallest virtual machine on GCE then it will for its configuration it will use the boot disk for Debian Debian 9 in order to to attach this disk when the VM starts so it will use the OS Debian then we will configure its network interface you will be using the network coming from the V PC network the VPC Network is the second resource that we want to create this one uses Google compute network it will be called terraform network and it will use the auto create sub networks equal to true so this is the terraform template that contains the configuration that we want to create on GCP now if we want to deploy this and to GCP then first of all we need to authenticate to CCP then we need to have the right access in order to do booze to do boost actions in order to provision resources so let's do that I've switched back to my browser so here if you don't have yet a an account on GCP you can do that by going to google cloud google.com slash free and from here you can create a free account where you will have 300 bucks in order to try some resources I have already done that and from my dashboard they can see the different resources that they can create from the App Engine compute engine kubernetes cloud functions and so on in order to deploy my resources now that by using tariff or I want to deploy them into a new project for that here I'll go to this window from here and they're going to say I want to create a new project so click a new project and from here I give a name to my project let's call it terraform GCP then click create once the project is now it's being created so let's wait for a few seconds and once the project is created I go to click on it in order to go to the dashboard specific for my new project and from here I need to create a service account to do that I'd go to am and admin and select service accounts here I don't have any service account defined it yet but I go to create a new one I'll give it a name saying Clara forum - si then click create the second step would be granting this service account access to the project so we need to select a role here the role I want to give it is the project editor so let's select that but of course note that you have other under access types if you want to give it access only to your App Engine then of course you can do that here for me for this demo I just give it access to all the resources inside this project after that I'd go to continue to create this tips account with the role editor and what once that's done now I can go to create dickey so let's click create key and from here you have the two options of using JSON or p12 if you are seeking older versions for my case I want this on key it will be downloaded and it is open it here and my vs code so from here you see the content of this JSON key it says this is the service account I want to use it's the type then the project ID then here I have the private key ID and the private key for my certificate so this should be a kept secret and shouldn't be shared with anyone because it will give him access to full access to your GPA resources then we have the client email that will be used with this with this service account and some other useful information to to be authentic upon ticketed to GCP now I'll go to copy this file into my project source folder here so for that I open my downloads I'll copy this project then I paste it through my DCP demo so that will be available from here now from my main dot tf5 here I need to update the name of the service account JSON file I'm using so here I suppose I'm using service account of JSON so I'll use a copy this name and rename the a JSON file that I have yet so it's rename it to service account and then for this template I need also to update the project demo or the project ID for that I'd go back to my GCP dashboard and from here I'll go to get the information about my a project ID so this should be the project ID for for the project they have created let's update this value right here and now I accept that the region would be a US central one and the zone is US Central and see now we have configured our terraform templates to connect to my project using the service account but we still have one additional step to do that is granting more access to our service account for that I'll go to a and admin and from here I go to edit the the access that this service account have on my project so we have already granted it the project editor but in addition to that we need to grant him more access for that I'll add another role and this time should be the role compute so we'll add the role compute admin and in addition to that we'll add another role also for compute but this one should be the compute networks so I select compute network admin hit save now the policy were updated successfully and now the service account I'm using here have the full access to create virtual machines and networks let's now deploy the steerer form template into GCP for that i'll use the terminal and from here make sure you are and the same are reproduced in the same folder where you have your main duty F and the service account gist on here I have the Terra forum command line already and studied so if I type terraform right here then it will give me all the commands that I can use this means that it was configured successfully on my machine otherwise you can install it from you can go to the JIRA forum website and you can get the instructions to install the terror forum CLI once it's installed now we can start initializing our terraform configuration for that I'll use the command terraform in it with their affirm in East will go to read my main dot TF file and it will detect the providers that should be used and my case it should use the Google provider for that you will download the provider to be used later with at your forum apply and tariff or a plan so our second command would be the tea reform apply or tea reform a plan actually so before applying the changes to gtp we want to plant those changes we want to see what key reform when what changes the reform will make on our GCP account and that would be done by tea reform plan it will not it touch to our GCP account but it will only check what are the resources to be created here detected that it will add two resources nothing to change and nothing to destroy and the two resources that will be created are dvb-c network and also the google compute instance call it VM instance with this configuration that we have specified now we are ready to apply the configuration let's go to use the command key reform apply this one will take the plan that we are detected and then it will try to apply the changes to the GCP and here it asks for a permission to apply those changes and here I go to say yes I want to make those changes and here we get an error that is it is saying here that we need to enable the project that we have created and to do that it gives us here the link to to enable the project so I'll copy the link for the project to be enabled and I'll go back to my browser and here I'll paste the link so this is how gtp works and each time you create a new project we need to enable it because this when enabling a project this means it will start a charging money for this project so I'm enabling this API this will take only a few seconds and after that we'll be able to resume applying the changes and once that's done now I can go back to my terminal window and from here I'll apply again the changes by using the command again to reform apply and say yes I want those changes and now terraform connected to my GCP project and it started creating the V PC Network and in a few seconds it will start creating my virtual machine instance let's wait for it for a few seconds and it finishes the the provisioning of those resources and the deployment did complete successfully here so two resources that were added successfully to the GCP account now if I go back to my to my dashboard from Google cloud platform here for the you can see that now we have a compute engine that were created we can go to the created compute instance by creating by clicking on it and here we can see that resource with its a configuration that we are is created by using terraform so this was how to create resources by using terraform now if we want to destroy or to delete those resources then we have specified a terraform command to do exactly that so let's go to clear this and let's use the command key reform destroy terraform destroy will destroy all the resources that were previously created so here this means we will destroy it or it will delete the instance BM and the network V PC I confirm that I want to do this action and now it started destroying those resources this will take a few seconds so let's wait for it and meanwhile let's let me give you some other resources that you can use if you want to go deeper with using T reform with Google cloud platform so from here you can get the main dot EF that I have used today and this demo and this repository and on this repository T reform providers you can find the different providers use it by T reform as their form is an open source project so here they publish all the source code for their providers including asier resource manager Google cloud platform Amazon AWS vSphere Ally cloud cover niches and many more you can find them right here and to get more details about the different configurations or about the different resources that we can deploy into Google cloud platform you can go to the terraform documentation where here you can find the different tutorials and different code examples for deploying compute engines for deploying kubernetes for deploying bigquery tables app engine and many more and you'll find all the documentation for reduced for me for this demo I where it was highly inspired by this tutorial where here it gives more information about the configuration at the end make sure to subscribe to my youtube channel where I post regularly about cloud and DevOps

Info

Channel: Houssem Dellai

Views: 28,471

Rating: undefined out of 5

Keywords: terraform, iac, infrastructure as code, gcp, cloud, google, vm

Id: O05KkBlAuFg

Channel Id: undefined

Length: 15min 27sec (927 seconds)

Published: Tue May 14 2019