terraform-provider-google/examples/shared-vpc/README.md
Nathan McKinley f7bdcde1c4
Add an example of use of shared VPC networking. (#810)
Brings up four projects:
  - one to host the VPC
  - two to use the VPC
  - one which is outside the VPC

This is based on the diagram in https://cloud.google.com/vpc/docs/shared-vpc and uses the names there where possible for clarity.

On one of the machines, a page is generated demonstrating that the networking is working the way you'd expect.  That machine's public IP is output by `terraform apply`.
2017-12-06 14:52:48 -08:00

# Shared Virtual Private Cloud Networking in Google Cloud

This is a template showcasing the shared VPC feature in Google Cloud. It features
four projects:

- A host project, which owns a VPC
- Two service projects, each of which owns a VM connected to the VPC
- A fourth project, which owns a VM not connected to the VPC.

It is based on the diagram in the overview at [https://cloud.google.com/vpc/docs/shared-vpc](https://cloud.google.com/vpc/docs/shared-vpc).

Begin by [downloading your credentials from Google Cloud Console](https://www.terraform.io/docs/providers/google/#credentials); the default path for the downloaded file is `~/.gcloud/Terraform.json`. If you use another path, update the `credentials_file_path` variable. Ensure that these credentials have Organization-level permissions, because this example will create and administer projects.

This example creates projects within an organization, so to run it you will need an Organization ID. To get started using Organizations, read the [Organizations quickstart](https://cloud.google.com/resource-manager/docs/quickstart-organizations). Since it uses organizations, project-specific credentials won't work, and consequently this example is configured to use [application default credentials](https://developers.google.com/identity/protocols/application-default-credentials). Ensure that the application default credentials have permission to create and manage projects and Shared VPCs (sometimes called 'XPN'). The example also requires you to specify a billing account, since it does start up a few VMs.

After you run `terraform apply` on this configuration, it will output the IP address of the second service project's VM, which, once it has finished starting up, displays a page checking network connectivity to the other two VMs.

Run with a command like:

```
terraform apply \
-var="region=us-central1" \
-var="region_zone=us-central1-f" \
-var="org_id=1234567" \
-var="billing_account_id=XXXXXXXXXXXX"
```
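
The host/service relationship this README describes, narrowed to the host project and one service project, as an added Terraform sketch (0.12+ syntax). It is not the repository's `main.tf`; the resource labels, project IDs and network name are placeholders assumed for illustration.

```hcl
# Added sketch, not this repository's main.tf. Resource labels, project IDs
# and the network name are placeholders chosen for illustration.
variable "org_id" {}
variable "billing_account_id" {}

resource "google_project" "host" {
  name            = "Host Project"
  project_id      = "example-host-project" # placeholder, must be globally unique
  org_id          = var.org_id
  billing_account = var.billing_account_id
}

resource "google_project" "service" {
  name            = "Service Project"
  project_id      = "example-service-project" # placeholder
  org_id          = var.org_id
  billing_account = var.billing_account_id
}

# Shared VPC is a Compute Engine feature, so the API is enabled in both projects.
resource "google_project_service" "host" {
  project = google_project.host.project_id
  service = "compute.googleapis.com"
}

resource "google_project_service" "service" {
  project = google_project.service.project_id
  service = "compute.googleapis.com"
}

# Mark the host project as a Shared VPC host.
resource "google_compute_shared_vpc_host_project" "host" {
  project    = google_project.host.project_id
  depends_on = [google_project_service.host]
}

# Attach the service project to the host; this needs Shared VPC permissions.
resource "google_compute_shared_vpc_service_project" "service" {
  host_project    = google_compute_shared_vpc_host_project.host.project
  service_project = google_project.service.project_id
  depends_on      = [google_project_service.service]
}

# The network itself lives in, and is administered from, the host project.
resource "google_compute_network" "shared" {
  name                    = "shared-network"
  project                 = google_compute_shared_vpc_host_project.host.project
  auto_create_subnetworks = true
}
```

A VM in the service project joins the VPC by pointing its `network_interface` at a subnetwork of this host-project network; the fourth project in the README is simply never attached.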