gsdevme · October 3, 2017 23:05
diff --git a/main.tf b/main.tf
 // https://www.terraform.io/docs/providers/google/index.html
 provider "google" {
  region = "${var.region}"
  project = "${var.project_name}"
 }

 // https://www.terraform.io/docs/providers/google/d/datasource_compute_network.html
 resource "google_compute_network" "default" {
  name = "ecom"
 }

 // https://www.terraform.io/docs/providers/google/d/datasource_compute_subnetwork.html
 resource "google_compute_subnetwork" "ecom_subnet" {
  name = "ecom-subnet"
  // http://www.aboutmyip.com/AboutMyXApp/SubnetCalculator.jsp?ipAddress=10.0.0.0&cidr=20
  // Possible 4094 devices
  // First host: 10.0.0.1
  // Last host:  10.0.15.254
  ip_cidr_range = "10.0.0.0/21"
  network = "${google_compute_network.default.name}"
  region = "${var.region}"
 }

 // https://www.terraform.io/docs/providers/google/r/compute_firewall.html
 resource "google_compute_firewall" "ecom-network-public-http" {
  name = "allow-public-http-traffic"
  network = "${google_compute_network.default.name}"

  allow {
    protocol = "tcp"
    ports = [
      "80"
    ]
  }

  target_tags = [
    "http-server"
  ]

  source_ranges = [
    "0.0.0.0/0"
    // = everything @todo
  ]
 }

 resource "google_compute_firewall" "ecom-network-internal-ssh" {
  name = "allow-public-internal-ssh"
  network = "${google_compute_network.default.name}"

  allow {
    protocol = "tcp"
    ports = [
      "22"
    ]
  }

  target_tags = [
    "ssh-server"
  ]

  source_ranges = [
    "0.0.0.0/0"
    // = everything @todo
  ]
 }

 // This is the main public IP address for the application
 // https://www.terraform.io/docs/providers/google/r/compute_address.html
 resource "google_compute_global_address" "ecom_public_address" {
  name = "ecom-public-address"
 }

 // SSL Certificates for the load balancer
 resource "google_compute_ssl_certificate" "ssl" {
  name = "ssl"
  private_key = "${file("private.key")}"
  certificate = "${file("cert.pem")}"
 }

 // HTTPS Proxy to terminate the TLS/SSL connection
 resource "google_compute_target_https_proxy" "https_load_balancer" {
  name = "https-load-balancer"

  url_map = "${google_compute_url_map.default.self_link}"
  ssl_certificates = [
    "${google_compute_ssl_certificate.ssl.self_link}"
  ]
 }

 // Forward traffic on the Public IP address to the HTTPS Load Balancer (Port 443)
 // https://www.terraform.io/docs/providers/google/r/compute_global_forwarding_rule.html
 resource "google_compute_global_forwarding_rule" "https_fowarding_rule" {
  name = "public-https-forwarding-rule"
  target = "${google_compute_target_https_proxy.https_load_balancer.self_link}"

  ip_protocol = "tcp"
  ip_address = "${google_compute_global_address.ecom_public_address.address}"

  port_range = "443"
 }

 // URL Map. Maps hosts & paths to the correct 'service'
 resource "google_compute_url_map" "default" {
  name = "ecom"

  default_service = "${google_compute_region_backend_service.default.self_link}"
 }

 resource "google_compute_instance_template" "varnish_instance_template" {
  name_prefix = "www-varnish-template-"
  machine_type = "f1-micro"
  region = "${var.region}"

  tags = [
    "http-server",
    "ssh-server"
  ]

  disk {
    auto_delete = true
    boot = true
    disk_type = "pd-ssd"
    disk_size_gb = 20
    source_image = "centos-6-v20161027"
  }

  network_interface {
    subnetwork = "${google_compute_subnetwork.ecom_subnet.name}"

    access_config {
      // Ephemeral IP
    }
  }

  lifecycle {
    create_before_destroy = true
  }

  metadata_startup_script = "yum clean all && yum install epel-release -y && yum install nginx -y && service nginx start"

  metadata {
    // some metadata
  }
 }

 resource "google_compute_region_instance_group_manager" "varnish_instance_group_manager" {
  name = "varnish-instance-regional-group-manager"
  instance_template = "${google_compute_instance_template.varnish_instance_template.self_link}"
  base_instance_name = "www-varnish"
  region = "${var.region}"

  # Create two instances of Varnish
  target_size = "2"

  named_port {
    name = "http"
    port = 88
  }
 }

 resource "google_compute_region_backend_service" "default" {
  name = "ecom-backend"
  protocol = "HTTP"
  timeout_sec = 10

  backend {
    group = "${google_compute_region_instance_group_manager.varnish_instance_group_manager.instance_group}"
  }

  health_checks = [
    "${google_compute_http_health_check.default.self_link}"
  ]
 }

 resource "google_compute_http_health_check" "default" {
  name = "ecom-health-check"
  request_path = "/"
  check_interval_sec = 1
  timeout_sec = 1
 }
	// https://www.terraform.io/docs/providers/google/index.html
	provider "google" {
	region = "${var.region}"
	project = "${var.project_name}"
	}

	// https://www.terraform.io/docs/providers/google/d/datasource_compute_network.html
	resource "google_compute_network" "default" {
	name = "ecom"
	}

	// https://www.terraform.io/docs/providers/google/d/datasource_compute_subnetwork.html
	resource "google_compute_subnetwork" "ecom_subnet" {
	name = "ecom-subnet"
	// http://www.aboutmyip.com/AboutMyXApp/SubnetCalculator.jsp?ipAddress=10.0.0.0&cidr=20
	// Possible 4094 devices
	// First host: 10.0.0.1
	// Last host: 10.0.15.254
	ip_cidr_range = "10.0.0.0/21"
	network = "${google_compute_network.default.name}"
	region = "${var.region}"
	}

	// https://www.terraform.io/docs/providers/google/r/compute_firewall.html
	resource "google_compute_firewall" "ecom-network-public-http" {
	name = "allow-public-http-traffic"
	network = "${google_compute_network.default.name}"

	allow {
	protocol = "tcp"
	ports = [
	"80"
	]
	}

	target_tags = [
	"http-server"
	]

	source_ranges = [
	"0.0.0.0/0"
	// = everything @todo
	]
	}

	resource "google_compute_firewall" "ecom-network-internal-ssh" {
	name = "allow-public-internal-ssh"
	network = "${google_compute_network.default.name}"

	allow {
	protocol = "tcp"
	ports = [
	"22"
	]
	}

	target_tags = [
	"ssh-server"
	]

	source_ranges = [
	"0.0.0.0/0"
	// = everything @todo
	]
	}

	// This is the main public IP address for the application
	// https://www.terraform.io/docs/providers/google/r/compute_address.html
	resource "google_compute_global_address" "ecom_public_address" {
	name = "ecom-public-address"
	}

	// SSL Certificates for the load balancer
	resource "google_compute_ssl_certificate" "ssl" {
	name = "ssl"
	private_key = "${file("private.key")}"
	certificate = "${file("cert.pem")}"
	}

	// HTTPS Proxy to terminate the TLS/SSL connection
	resource "google_compute_target_https_proxy" "https_load_balancer" {
	name = "https-load-balancer"

	url_map = "${google_compute_url_map.default.self_link}"
	ssl_certificates = [
	"${google_compute_ssl_certificate.ssl.self_link}"
	]
	}

	// Forward traffic on the Public IP address to the HTTPS Load Balancer (Port 443)
	// https://www.terraform.io/docs/providers/google/r/compute_global_forwarding_rule.html
	resource "google_compute_global_forwarding_rule" "https_fowarding_rule" {
	name = "public-https-forwarding-rule"
	target = "${google_compute_target_https_proxy.https_load_balancer.self_link}"

	ip_protocol = "tcp"
	ip_address = "${google_compute_global_address.ecom_public_address.address}"

	port_range = "443"
	}

	// URL Map. Maps hosts & paths to the correct 'service'
	resource "google_compute_url_map" "default" {
	name = "ecom"

	default_service = "${google_compute_region_backend_service.default.self_link}"
	}

	resource "google_compute_instance_template" "varnish_instance_template" {
	name_prefix = "www-varnish-template-"
	machine_type = "f1-micro"
	region = "${var.region}"

	tags = [
	"http-server",
	"ssh-server"
	]

	disk {
	auto_delete = true
	boot = true
	disk_type = "pd-ssd"
	disk_size_gb = 20
	source_image = "centos-6-v20161027"
	}

	network_interface {
	subnetwork = "${google_compute_subnetwork.ecom_subnet.name}"

	access_config {
	// Ephemeral IP
	}
	}

	lifecycle {
	create_before_destroy = true
	}

	metadata_startup_script = "yum clean all && yum install epel-release -y && yum install nginx -y && service nginx start"

	metadata {
	// some metadata
	}
	}

	resource "google_compute_region_instance_group_manager" "varnish_instance_group_manager" {
	name = "varnish-instance-regional-group-manager"
	instance_template = "${google_compute_instance_template.varnish_instance_template.self_link}"
	base_instance_name = "www-varnish"
	region = "${var.region}"

	# Create two instances of Varnish
	target_size = "2"

	named_port {
	name = "http"
	port = 88
	}
	}

	resource "google_compute_region_backend_service" "default" {
	name = "ecom-backend"
	protocol = "HTTP"
	timeout_sec = 10

	backend {
	group = "${google_compute_region_instance_group_manager.varnish_instance_group_manager.instance_group}"
	}

	health_checks = [
	"${google_compute_http_health_check.default.self_link}"
	]
	}

	resource "google_compute_http_health_check" "default" {
	name = "ecom-health-check"
	request_path = "/"
	check_interval_sec = 1
	timeout_sec = 1
	}