[A-00227]Terraform 1000本ノック(2)
前回記事はこちら
今回はGoogleCloud上にリージョナル外部パススルーネットワークロードバランサーを作りたいと思います。
・リージョナル外部パススルーネットワークロードバランサーを組み立てる
terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "6.15.0"
}
}
}
provider "google" {
project = var.project_id
region = var.region
}variable "project_id" {
type = string
}
variable "region" {
type = string
}
variable "name" {
type = string
}project_id = "your-project"
region = "asia-northeast1"
name = "example"terraform {
backend "gcs" {
}
}resource "google_compute_network" "lb_network" {
project = var.project_id
name = "lb-network"
auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "lb_subnet" {
project = var.project_id
name = "lb-subnet"
region = var.region
ip_cidr_range = "10.0.1.0/24"
network = google_compute_network.lb_network.id
}resource "google_compute_firewall" "allow_network_ipv4" {
network = google_compute_network.lb_network.id
name = "allow-network-ipv4"
target_tags = [ "lb-tag" ]
source_ranges = [ "0.0.0.0/0" ]
allow {
protocol = "tcp"
ports = ["80"]
}
}resource "google_compute_instance" "web_server" {
project = var.project_id
name = "${var.name}-web-server"
zone = "${var.region}-a"
machine_type = "e2-micro"
tags = [ "lb-tag" ]
boot_disk {
initialize_params {
image = "debian-cloud/debian-12"
size = "10"
}
}
network_interface {
network = google_compute_network.lb_network.id
subnetwork = google_compute_subnetwork.lb_subnet.id
access_config {
}
}
metadata_startup_script = "sudo apt update; sudo apt install nginx -y; sudo systemctl start nginx"
}
resource "google_compute_instance_group" "web_server_group" {
project = var.project_id
zone = "${var.region}-a"
name = "${var.name}-web-server-group"
instances = [ google_compute_instance.web_server.self_link ]
named_port {
name = "tcp"
port = "80"
}
}resource "google_compute_address" "network_lb_ipv4" {
name = "network-lb-ipv4"
region = var.region
}
resource "google_compute_region_health_check" "tcp_health_check" {
name = "tcp-health-check"
timeout_sec = 1
check_interval_sec = 1
region = var.region
tcp_health_check {
port = 80
}
}
resource "google_compute_region_backend_service" "network_lb_backend_service" {
name = "network-lb-backend-service"
load_balancing_scheme = "EXTERNAL"
protocol = "TCP"
region = var.region
health_checks = [ google_compute_region_health_check.tcp_health_check.self_link ]
backend {
group = google_compute_instance_group.web_server_group.id
balancing_mode = "CONNECTION"
}
}
resource "google_compute_forwarding_rule" "network_lb_forwarding_rule_ipv4" {
name = "network-lb-forwarding-rule-ipv4"
load_balancing_scheme = "EXTERNAL"
region = var.region
port_range = "80"
ip_address = google_compute_address.network_lb_ipv4.address
backend_service = google_compute_region_backend_service.network_lb_backend_service.id
}上記を作成したら下記のコマンドを実行してGoogleCloud上にプロビジョニングします。
terraform init
terraform plan -var-file=dev.tfvars
terraform apply -var-file=dev.tfvarsGCPコンソールからロードバランサーのIPを確認します。
ウェブブラウザにてアクセスします。下記の通り、NginxサーバーのWelcomeページが表示されたらOKです。
・Appendix
参考文献はこちら
https://cloud.google.com/load-balancing/docs/network/networklb-backend-service?hl=ja
https://cloud.google.com/load-balancing/docs/network/setting-up-network-backend-service?hl=ja
コメントを残す