terraform-provider-google/examples/shared-vpc/README.md
Nathan McKinley f7bdcde1c4
Add an example of use of shared VPC networking. (#810)
Brings up four projects:
  - one to host the VPC
  - two to use the VPC
  - one which is outside the VPC

This is based on the diagram in https://cloud.google.com/vpc/docs/shared-vpc and uses the names there where possible for clarity.

On one of the machines, a page is generated demonstrating that the networking is working the way you'd expect.  That machine's public IP is output by `terraform apply`.
2017-12-06 14:52:48 -08:00


# Shared Virtual Private Cloud Networking in Google Cloud

This is a template showcasing the shared VPC feature in Google Cloud. It features four projects:

- A host project, which owns a VPC
- Two service projects, each of which owns a VM connected to the VPC
- A fourth project, which owns a VM not connected to the VPC.

It is based on the diagram in the overview at https://cloud.google.com/vpc/docs/shared-vpc.
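The wiring the layout above depends on, as an added illustration rather than this example's own configuration: the host project is marked as the Shared VPC host, a service project is attached to it, the network, subnet and firewall rules are owned by the host project, and a service-project VM attaches to the host's subnet via `subnetwork_project`. The project IDs are placeholders, the subnet range is constructed, and the region and zone are the ones from the `terraform apply` command on this page.

```hcl
# Added illustration of the shared VPC wiring; not the example's own configuration. Project IDs are placeholders.
variable "host_project_id" { default = "host-project-PLACEHOLDER" }
variable "service_project_id" { default = "service-project-1-PLACEHOLDER" }

# The host project owns the network; the service project is attached to it.
resource "google_compute_shared_vpc_host_project" "host" {
  project = var.host_project_id
}
resource "google_compute_shared_vpc_service_project" "service1" {
  host_project    = google_compute_shared_vpc_host_project.host.project
  service_project = var.service_project_id
}
resource "google_compute_network" "shared" {
  name                    = "shared-network"
  project                 = var.host_project_id
  auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "shared" {
  name          = "shared-subnet"
  project       = var.host_project_id
  region        = "us-central1" # region from the page's example command
  network       = google_compute_network.shared.self_link
  ip_cidr_range = "10.0.1.0/24" # constructed range
}
# Firewall rules live in the host project, so a service project cannot loosen them: only the shared subnet reaches port 80.
resource "google_compute_firewall" "internal_http" {
  name          = "allow-internal-http"
  project       = var.host_project_id
  network       = google_compute_network.shared.name
  source_ranges = [google_compute_subnetwork.shared.ip_cidr_range]
  allow {
    protocol = "tcp"
    ports    = ["80"]
  }
}
# A VM in the service project uses the host project's subnet (subnetwork_project).
resource "google_compute_instance" "service1_vm" {
  name         = "service1-vm"
  project      = var.service_project_id
  zone         = "us-central1-f" # zone from the page's example command
  machine_type = "f1-micro"
  boot_disk {
    initialize_params { image = "debian-cloud/debian-11" }
  }
  network_interface {
    subnetwork         = google_compute_subnetwork.shared.self_link
    subnetwork_project = var.host_project_id
  }
  depends_on = [google_compute_shared_vpc_service_project.service1]
}
```

The `depends_on` matters: the instance must not be created before the service project is attached, or the subnet in the host project is not usable from it.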

Begin by downloading your credentials from Google Cloud Console; the default path for the downloaded file is `~/.gcloud/Terraform.json`. If you use another path, update the `credentials_file_path` variable. Ensure that these credentials have Organization-level permissions - this example will create and administer projects.

This example creates projects within an organization - to run it, you will need to have an Organization ID. To get started using Organizations, read the quickstart here. Since it uses organizations, project-specific credentials won't work, and consequently this example is configured to use application default credentials. Ensure that the application default credentials have permission to create and manage projects and Shared VPCs (sometimes called 'XPN'). The example also requires you to specify a billing account, since it does start up a few VMs.

After you run `terraform apply` on this configuration, it will output the IP address of the second service project's VM, which (after it's done starting up) displays a page checking network connectivity to the other two VMs.

Run with a command like:

```shell
terraform apply \
        -var="region=us-central1" \
        -var="region_zone=us-central1-f" \
        -var="org_id=1234567" \
        -var="billing_account_id=XXXXXXXXXXXX"
```