[A-00230]Terraform 1000本ノック(5)

前回記事はこちら

今回はCloud Storageをバックエンドに使ってCloud CDN(Content Delivery Network)を組み立てたいと思います。

# Name of the key that holds the project ID inside var.project_config.
# This is NOT the project ID itself: the provider block resolves the real
# value by looking this key up in var.project_config.
variable "project_id" {
  default = "project_id"
  type    = string
}

# Name of the key that holds the region inside var.project_config.
# As with var.project_id, the default is a map key, not a region name.
variable "region" {
  default = "region"
  type    = string
}

# Per-environment settings, supplied from a tfvars file.
# It has no default, so Terraform requires a value at plan/apply time.
# The configuration reads the keys named by var.project_id and var.region.
variable "project_config" {
  type = map(string)
}
# Values for var.project_config (the commands on this page pass them with
# -var-file=dev.tfvars). "your-project" is a placeholder to replace with the
# real project ID.
project_config = {
  region     = "asia-northeast1"
  project_id = "your-project"
}
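# Providers this configuration depends on.
# The google provider is pinned to an exact version. The random provider is
# declared as well because the configuration creates a random_id resource;
# listing it makes its source explicit instead of leaving it to implicit
# resolution during `terraform init`.
# Commit the generated .terraform.lock.hcl so provider checksums are verified
# on every init.
terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "6.15.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.0"
    }
  }
}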

# Google provider settings, both resolved from var.project_config.
# var.project_id and var.region hold the map KEYS to read, so a missing key
# fails the plan instead of silently falling back to another project or region.
provider "google" {
  region  = var.project_config[var.region]
  project = var.project_config[var.project_id]
}
# Remote state in Cloud Storage, declared as a partial configuration:
# no bucket or prefix is set here, so they must be supplied when running
# `terraform init` (for example with -backend-config) or typed at the prompt.
# State files can contain sensitive values. Keep the state bucket private and
# separate from the publicly readable CDN bucket created by this configuration.
terraform {
  backend "gcs" {}
}
# Reserved global IP address; the global forwarding rule in this configuration
# uses it as the load balancer's front-end address.
resource "google_compute_global_address" "default" {
  name = "example-ip"
}
# IAM binding applied to the CDN origin bucket.
# SECURITY: member "allUsers" means every unauthenticated caller. The role
# roles/storage.objectViewer carries storage.objects.list as well as
# storage.objects.get, so object names in the bucket can be enumerated, not
# only fetched by known name. Treat everything uploaded to this bucket as
# public.
# NOTE(review): a role without list permission would hide object names, but it
# may change how requests for missing objects are answered; verify the 404
# page still works before switching.
locals {
  bucket_iam = {
    member = "allUsers"
    role   = "roles/storage.objectViewer"
  }
}

# Attaches the role/member pair from local.bucket_iam to the origin bucket.
# With the values defined in this file the bucket becomes publicly readable.
resource "google_storage_bucket_iam_member" "default" {
  member = local.bucket_iam.member
  role   = local.bucket_iam.role
  bucket = google_storage_bucket.default.name
}
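# Settings for the origin bucket and the two static pages stored in it.
locals {
  bucket = {
    # Suffix only; the bucket resource prepends a random hex prefix.
    name = "cdn-bucket"
    # IAM-only access control (no per-object ACLs).
    uniform_bucket_level_access = true
    class = "STANDARD"
    # Feeds force_destroy: `terraform destroy` deletes the bucket even when it
    # still holds objects. Convenient for a demo, risky for real content.
    destroy = true
    main_page = "index.html"
    not_found_page = "404.html"
  }

  # Page served as the website main page.
  bucket_object_index = {
    name = "index.html"
    content = <<-EOT
      <html><body>
        <h1>Congratulations on setting up Google Cloud CDN with Storage backend!</h1>
      </body></html>
    EOT
  }

  # Page served when the requested object does not exist.
  # The closing tags are emitted in nesting order (</body> before </html>);
  # the original markup had them swapped.
  bucket_object_404 = {
    name = "404.html"
    content = <<-EOT
      <html><body>
        <h1>Error: Object you are looking for is no longer available!</h1>
      </body></html>
    EOT
  }
}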

# 8 random bytes, used in hex form as the bucket name prefix.
# The value only makes the bucket name unique. It is stored in state and shown
# in the bucket name, so it must not be treated as a secret.
resource "random_id" "prefix" {
  byte_length = 8
}

# Origin bucket for Cloud CDN, configured for static website serving.
# This bucket is made publicly readable by the allUsers IAM binding defined in
# this configuration, so only publishable content belongs here.
resource "google_storage_bucket" "default" {
  name          = "${random_id.prefix.hex}-${local.bucket.name}"
  location      = var.project_config[var.region]
  storage_class = local.bucket.class

  # IAM is the only access-control mechanism on this bucket.
  uniform_bucket_level_access = local.bucket.uniform_bucket_level_access

  # When true, destroying the resource also deletes every object in it.
  force_destroy = local.bucket.destroy

  website {
    not_found_page   = local.bucket.not_found_page
    main_page_suffix = local.bucket.main_page
  }
}

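# Uploads the main page into the origin bucket.
# content_type is set explicitly so the page is served as HTML; when it is
# omitted the provider applies a generic default type, and browsers may show
# the markup as text instead of rendering it.
resource "google_storage_bucket_object" "index" {
    name = local.bucket_object_index.name
    bucket = google_storage_bucket.default.name
    content = local.bucket_object_index.content
    content_type = "text/html; charset=utf-8"
}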

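# Uploads the not-found page into the origin bucket.
# content_type is set explicitly so the error page is served as HTML rather
# than with the provider's generic default type.
resource "google_storage_bucket_object" "error" {
    name = local.bucket_object_404.name
    bucket = google_storage_bucket.default.name
    content = local.bucket_object_404.content
    content_type = "text/html; charset=utf-8"
}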

# Plain-text sample object in the origin bucket.
# The bucket is readable by allUsers, so this object is public as well.
# The inline content is also written to the Terraform state, so never put
# secrets in it.
resource "google_storage_bucket_object" "test" {
  bucket       = google_storage_bucket.default.name
  name         = "test-object"
  content_type = "text/plain"
  content      = "Data as string to be uploaded"
}
# Settings for the external HTTP load balancer and its Cloud CDN backend.
locals {
  # Front end. port_range "80" together with the target HTTP proxy means
  # traffic is served over plain HTTP only.
  # NOTE(review): HTTPS would need a target HTTPS proxy and a certificate,
  # neither of which is defined on this page.
  forwarding_rule = {
    name       = "http-lb-f-rule"
    port_range = "80"
    protocol   = "TCP"
    # Key is spelled "schema" but feeds load_balancing_scheme; the name is
    # kept because the forwarding rule resource references it.
    schema = "EXTERNAL"
  }

  http_proxy = {
    name = "http-lb-proxy"
  }

  url_map = {
    name = "http-lb"
  }

  backend_bucket = {
    name       = "backend-bucket"
    enable_cdn = true
    cdn_policy = {
      cache_mode       = "CACHE_ALL_STATIC"
      negative_caching = true
      # TTLs are in seconds. Long TTLs also delay removal of content that was
      # published by mistake; removing it sooner requires a cache invalidation.
      client_ttl  = 3600
      default_ttl = 3600
      max_ttl     = 86400
      # Key is spelled "serve_while_stable" but feeds serve_while_stale; the
      # name is kept because the backend bucket resource references it.
      serve_while_stable = 86400
    }
  }
}

# Public entry point: binds the reserved global address and port range to the
# HTTP proxy. With the values in local.forwarding_rule this listens on port 80
# only, so responses are not protected in transit.
resource "google_compute_global_forwarding_rule" "default" {
  name                  = local.forwarding_rule.name
  load_balancing_scheme = local.forwarding_rule.schema
  ip_protocol           = local.forwarding_rule.protocol
  port_range            = local.forwarding_rule.port_range
  ip_address            = google_compute_global_address.default.id
  target                = google_compute_target_http_proxy.default.id
}

# HTTP (not HTTPS) proxy that hands requests to the URL map.
resource "google_compute_target_http_proxy" "default" {
  url_map = google_compute_url_map.default.id
  name    = local.http_proxy.name
}

# URL map with no host or path rules: every request goes to the backend bucket.
resource "google_compute_url_map" "default" {
  default_service = google_compute_backend_bucket.default.id
  name            = local.url_map.name
}


# Backend bucket that puts Cloud CDN in front of the origin bucket.
# All cache settings come from local.backend_bucket.
resource "google_compute_backend_bucket" "default" {
  name        = local.backend_bucket.name
  enable_cdn  = local.backend_bucket.enable_cdn
  bucket_name = google_storage_bucket.default.name

  cdn_policy {
    cache_mode       = local.backend_bucket.cdn_policy.cache_mode
    negative_caching = local.backend_bucket.cdn_policy.negative_caching
    default_ttl      = local.backend_bucket.cdn_policy.default_ttl
    client_ttl       = local.backend_bucket.cdn_policy.client_ttl
    max_ttl          = local.backend_bucket.cdn_policy.max_ttl
    # The local key is spelled "serve_while_stable"; it supplies serve_while_stale.
    serve_while_stale = local.backend_bucket.cdn_policy.serve_while_stable
  }
}

上記を作成したら下記のコマンドでprovisioningします。

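# Initialise providers and the backend. The gcs backend block on this page is
# empty, so init needs the state bucket (via -backend-config or the prompt).
terraform init -upgrade

# Write the plan to a file, review it, then apply exactly that plan, so nothing
# can change between review and apply. The plan file can contain sensitive
# values; do not commit it.
terraform plan -var-file=dev.tfvars -out=tfplan
terraform apply tfplan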

デプロイ後、ロードバランサーのIPアドレスにHTTP(ポート80)でアクセスすると、下記のようにインデックスページが表示されます。

存在しないページを指定するとエラーページに飛びます。

・Appendix

参考文献はこちら

https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket.html#nested_website

https://cloud.google.com/storage/docs/terraform-create-bucket-upload-object?hl=ja

https://stackoverflow.com/questions/47113408/google-cdn-connection-to-cdn-create-nosuch-key-errors

https://cloud.google.com/cdn/docs/overview?hl=ja

https://medium.com/cognite/configuring-google-cloud-cdn-with-terraform-ab65bb0456a9

https://github.com/tweag/terraform-gcp-cdn-bucket

https://cloud.google.com/cdn/docs/cdn-terraform-examples?hl=ja
