This repo contains how to create the compute instance, gke cluster, firewall rules and vpc network using the terraform.
The steps below will provision a private Kubernetes Engine cluster and a bastion host with which to access it. A bastion host provides a single host that has access to the cluster, which, when combined with a private kubernetes network ensures that the cluster isn't exposed to malicious behavior from the internet at large. Bastions are particularly useful when you do not have VPN access to the cloud network.
Before initialize the terraform, we have to enable the following Google Cloud Service APIs in the project:
compute.googleapis.comcontainer.googleapis.comcloudbuild.googleapis.com
-
Initialize your new Terraform configuration by running the terraform init command in the same directory as your main.tf file:
terraform init
-
See the execution plan by running the terraform plan command with var-file, var-file is the inputs of the variables:
terraform plan -var-file=_var.tfvars
The output has a + next to resources blocks , meaning that Terraform will create these resources. Beneath that, it shows the attributes that will be set. When the value displayed is (known after apply), it means that the value won't be known until the resource is created.
If anything in the plan seems incorrect, it is shows the error messages.
-
Apply you configuration now by running the command terraform apply:
terraform apply plans.tfplan
-
Clean up after you’re done:
terraform destroy -var-file=var.tfvars