github/weave-scope
1
0
Fork 0
mirror of https://github.com/weaveworks/scope.git synced 2026-03-02 17:50:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
delete-data
weave-scope/tools/provisioning/gcp/main.tf
Bryan Boreham 1e5cdc4210 Merge commit '7f4bab626e5544d14293f2ab79b2b0642125476a'
2018-08-10 12:31:52 +00:00

94 lines
2.1 KiB
HCL
Executable File
Raw Permalink Blame History

provider "google" {
# Set the below environment variables:
# - GOOGLE_CREDENTIALS
# - GOOGLE_PROJECT
# - GOOGLE_REGION
# or configure directly below.
# See also:
# - https://www.terraform.io/docs/providers/google/
# - https://console.cloud.google.com/apis/credentials/serviceaccountkey?project=<PROJECT ID>&authuser=1
region = "${var.gcp_region}"
project = "${var.gcp_project}"
}
resource "google_compute_instance" "tf_test_vm" {
name = "${var.name}-${count.index}"
machine_type = "${var.gcp_size}"
zone = "${var.gcp_zone}"
count = "${var.num_hosts}"
disk {
image = "${var.gcp_image}"
}
tags = [
"${var.app}",
"${var.name}",
"terraform",
]
network_interface {
network = "${var.gcp_network}"
access_config {
// Ephemeral IP
}
}
metadata {
ssh-keys = "${var.gcp_username}:${file("${var.gcp_public_key_path}")}"
}
# Wait for machine to be SSH-able:
provisioner "remote-exec" {
inline = ["exit"]
connection {
type = "ssh"
user = "${var.gcp_username}"
private_key = "${file("${var.gcp_private_key_path}")}"
}
}
}
resource "google_compute_firewall" "fw-allow-docker-and-weave" {
name = "${var.name}-allow-docker-and-weave"
network = "${var.gcp_network}"
target_tags = ["${var.name}"]
allow {
protocol = "tcp"
ports = ["2375", "12375"]
}
source_ranges = ["${var.client_ip}"]
}
# Required for FastDP crypto in Weave Net:
resource "google_compute_firewall" "fw-allow-esp" {
name = "${var.name}-allow-esp"
network = "${var.gcp_network}"
target_tags = ["${var.name}"]
allow {
protocol = "esp"
}
source_ranges = ["${var.gcp_network_global_cidr}"]
}
# Required for WKS Kubernetes API server access
resource "google_compute_firewall" "fw-allow-kube-apiserver" {
name = "${var.name}-allow-kube-apiserver"
network = "${var.gcp_network}"
target_tags = ["${var.name}"]
allow {
protocol = "tcp"
ports = ["6443"]
}
source_ranges = ["${var.client_ip}"]
}
Reference in New Issue View Git Blame Copy Permalink