Initial commit

README.md

@@ -1,2 +1,30 @@
-# terraform-gcp-fedora-vm
-Deploying a Fedora VM in GCP using Terraform
+# Deploy a Fedora VM Instance in GCP with Terraform
+
+The script will deploy Fedora Linux on a VM instance.
+
+- app-variables.tf -->  Application variables
+
+- fedora-versions.tf --> Fedora Versions
+
+- linux-vm-main.tf --> Create a Fedora VM using Terraform
+
+- linux-vm-output.tf --> VM Output
+
+- linux-vm-variables.tf --> VM Variables 
+
+- network-firewall.tf --> Configure basic firewall for the network
+
+- network-main.tf --> Define network, vpc, subnet
+
+- network-variables.tf --> Network variables
+
+- provider-main.tf --> Configure Terraform and Google Cloud providers
+
+- provider-variables --> Authentication variables
+
+- terraform.tfvars --> Defining variables 
+
+# Notes
+
+Create the .JSON file for authentication --> https://gmusumeci.medium.com/how-to-create-a-service-account-for-terraform-in-gcp-google-cloud-platform-f75a0cf918d1
+

app-variables.tf

@@ -0,0 +1,28 @@
+#############################
+## Application - Variables ##
+#############################
+
+# company name 
+variable "company" {
+  type        = string
+  description = "This variable defines the company name used to build resources"
+}
+
+# application name 
+variable "app_name" {
+  type        = string
+  description = "This variable defines the application name used to build resources"
+}
+
+# domain name 
+variable "app_domain" {
+  type        = string
+  description = "This variable defines the domain name used to build resources"
+}
+
+# environment
+variable "environment" {
+  type        = string
+  description = "This variable defines the environment to be built"
+}
+

fedora-versions.tf

@@ -0,0 +1,27 @@
+#####################
+## Fedora Versions ##
+#####################
+
+variable "fedora_35_sku" {
+  type        = string
+  description = "SKU for Fedora 35"
+  default     = "fedora-cloud/fedora-cloud-35"
+}
+
+variable "fedora_34_sku" {
+  type        = string
+  description = "SKU for Fedora 34"
+  default     = "fedora-cloud/fedora-cloud-34"
+}
+
+variable "fedora_33_sku" {
+  type        = string
+  description = "SKU for Fedora 33"
+  default     = "fedora-cloud/fedora-cloud-33"
+}
+
+variable "fedora_coreos_sku" {
+  type        = string
+  description = "SKU for Fedora CoreOS"
+  default     = "fedora-coreos-cloud/fedora-coreos-stable"
+}

linux-vm-main.tf

@@ -0,0 +1,29 @@
+#########################
+## GCP Linux VM - Main ##
+#########################
+
+# Terraform plugin for creating random ids
+resource "random_id" "instance_id" {
+  byte_length = 4
+}
+
+# Create VM
+resource "google_compute_instance" "vm_instance_public" {
+  name         = "${lower(var.company)}-${lower(var.app_name)}-${var.environment}-vm${random_id.instance_id.hex}"
+  machine_type = var.linux_instance_type
+  zone         = var.gcp_zone
+  hostname     = "${var.app_name}-vm${random_id.instance_id.hex}.${var.app_domain}"
+  tags         = ["ssh","http"]
+
+  boot_disk {
+    initialize_params {
+      image = var.fedora_35_sku
+    }
+  }
+
+  network_interface {
+    network       = google_compute_network.vpc.name
+    subnetwork    = google_compute_subnetwork.network_subnet.name
+    access_config { }
+  }
+} 

linux-vm-output.tf

@@ -0,0 +1,15 @@
+###########################
+## GCP Linux VM - Output ##
+###########################
+
+output "vm-name" {
+  value = google_compute_instance.vm_instance_public.name
+}
+
+output "vm-external-ip" {
+  value = google_compute_instance.vm_instance_public.network_interface.0.access_config.0.nat_ip
+}
+
+output "vm-internal-ip" {
+  value = google_compute_instance.vm_instance_public.network_interface.0.network_ip
+}

linux-vm-variables.tf

@@ -0,0 +1,9 @@
+##############################
+## GCP Linux VM - Variables ##
+##############################
+
+variable "linux_instance_type" {
+  type        = string
+  description = "VM instance type"
+  default     = "f1-micro"
+}

network-firewall.tf

@@ -0,0 +1,55 @@
+###################################
+## Network Firewall Rules - Main ##
+###################################
+
+# Allow http
+resource "google_compute_firewall" "allow-http" {
+  name    = "${var.app_name}-${var.environment}-fw-allow-http"
+  network = google_compute_network.vpc.name
+  allow {
+    protocol = "tcp"
+    ports    = ["80"]
+  }
+
+  source_ranges = ["0.0.0.0/0"]
+  target_tags = ["http"] 
+}
+
+# allow https
+resource "google_compute_firewall" "allow-https" {
+  name    = "${var.app_name}-${var.environment}-fw-allow-https"
+  network = google_compute_network.vpc.name
+  allow {
+    protocol = "tcp"
+    ports    = ["443"]
+  }
+
+  source_ranges = ["0.0.0.0/0"]
+  target_tags = ["https"] 
+}
+
+# allow ssh
+resource "google_compute_firewall" "allow-ssh" {
+  name    = "${var.app_name}-${var.environment}-fw-allow-ssh"
+  network = google_compute_network.vpc.name
+  allow {
+    protocol = "tcp"
+    ports    = ["22"]
+  }
+
+  source_ranges = ["0.0.0.0/0"]
+  target_tags = ["ssh"]
+}
+
+# allow rdp
+resource "google_compute_firewall" "allow-rdp" {
+  name    = "${var.app_name}-${var.environment}-fw-allow-rdp"
+  network = google_compute_network.vpc.name
+  allow {
+    protocol = "tcp"
+    ports    = ["3389"]
+  }
+
+  source_ranges = ["0.0.0.0/0"]
+  target_tags = ["rdp"]
+}

network-main.tf

@@ -0,0 +1,18 @@
+####################
+## Network - Main ##
+####################
+
+# create VPC
+resource "google_compute_network" "vpc" {
+  name                    = "${lower(var.company)}-${lower(var.app_name)}-${var.environment}-vpc"
+  auto_create_subnetworks = "false"
+  routing_mode            = "GLOBAL"
+}
+
+# create public subnet
+resource "google_compute_subnetwork" "network_subnet" {
+  name          = "${lower(var.company)}-${lower(var.app_name)}-${var.environment}-subnet"
+  ip_cidr_range = var.network-subnet-cidr
+  network       = google_compute_network.vpc.name
+  region        = var.gcp_region
+}

network-variables.tf

@@ -0,0 +1,8 @@
+#########################
+## Network - Variables ##
+#########################
+
+variable "network-subnet-cidr" {
+  type        = string
+  description = "The CIDR for the network subnet"
+}

provider-main.tf

@@ -0,0 +1,22 @@
+#########################
+## GCP Provider - Main ##
+#########################
+
+# Define Terraform provider
+terraform {
+  required_version = "~> 1.0"
+
+  required_providers {
+    google = {
+      source = "hashicorp/google"
+      // version = "4.11.0" # pinning version
+    }
+  }
+}
+
+provider "google" {
+  credentials = file(var.gcp_auth_file)
+  project     = var.gcp_project
+  region      = var.gcp_region
+  zone        = var.gcp_zone
+}

provider-variables.tf

@@ -0,0 +1,27 @@
+##############################
+## GCP Provider - Variables ##
+##############################
+
+# GCP authentication file
+variable "gcp_auth_file" {
+  type        = string
+  description = "GCP authentication file"
+}
+
+# define GCP project name
+variable "gcp_project" {
+  type        = string
+  description = "GCP project name"
+}
+
+# define GCP region
+variable "gcp_region" {
+  type        = string
+  description = "GCP region"
+}
+
+# define GCP region
+variable "gcp_zone" {
+  type        = string
+  description = "GCP zone"
+}

terraform.tfvars

@@ -0,0 +1,17 @@
+# Application Definition 
+company     = "kopicloud"
+app_name    = "iac-fedora"
+app_domain  = "kopicloud.com"
+environment = "dev" # Dev, Test, Prod, etc
+
+# GCP Settings
+gcp_project   = "kopicloud-medium-341901"
+gcp_region    = "europe-west4"
+gcp_zone      = "europe-west4-b"
+gcp_auth_file = "../auth/kopicloud-medium.json"
+
+# GCP Netwok
+network-subnet-cidr = "10.10.12.0/24"
+
+# Linux VM
+linux_instance_type = "f1-micro"