wiki v1

User Tools

Site Tools

Trace: lession_terraform_gcp_dual_stack
wikiv1:lession_terraform_gcp_dual_stack

Lição dual stack CGP

provider.tf
$ vim provider.tf
terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "4.51.0"
    }
  }
}
 
provider "google" {
  credentials = "/home/gean/gcp/svc-account/singular-carver-376919-f09b67c64df6.json"
  project     = "singular-carver-376919"
  region      = "us-central1"
}
network.tf
$ vim network.tf
resource "google_compute_network" "vpc_network_dual" {
  name                     = "vpc-network-dual"
  auto_create_subnetworks  = false
  enable_ula_internal_ipv6 = true
}
subnet.tf
$ vim subnet.tf
resource "google_compute_subnetwork" "subnetwork_external_dual" {
  name = "subnetwork-external-dual"
 
  ip_cidr_range = "10.0.4.0/22"
  region        = "us-central1"
 
  stack_type       = "IPV4_IPV6"
  ipv6_access_type = "EXTERNAL"
 
  network = google_compute_network.vpc_network_dual.self_link
}
firewall.tf
$ vim firewall.tf
resource "google_compute_firewall" "allow-icmp-ssh-ipv4" {
  name    = "allow-icmp-ssh-ipv4"
  network = google_compute_network.vpc_network_dual.self_link
 
  allow {
    protocol = "icmp"
  }
 
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
 
  source_ranges = ["0.0.0.0/0"]
}
 
resource "google_compute_firewall" "allow-ssh-icmp-ipv6" {
  name    = "allow-ssh-icmp-ipv6"
  network = google_compute_network.vpc_network_dual.self_link
 
  allow {
    protocol = "tcp"
    ports    = ["22"]
  }
 
  allow {
    protocol = "58" /* ipv6-icmp */
  }
 
  source_ranges = ["::/0"]
}
instance.tf
$ vim instance.tf
resource "google_compute_instance" "gcp-vm-01" {
  name         = "gcp-vm-01"
  machine_type = "e2-small"
  zone         = "us-central1-a"
 
  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }
 
  network_interface {
    subnetwork = google_compute_subnetwork.subnetwork_external_dual.self_link
    stack_type = "IPV4_IPV6"
 
    access_config {
      network_tier = "PREMIUM"
    }
 
    ipv6_access_config {
      network_tier = "PREMIUM"
    }
 
  }
  allow_stopping_for_update = true
}
$ terraform fmt
$ terraform validate
$ terraform plan
$ terraform apply -auto-approve
$ terraform state list
$ terraform show
$ terraform destroy -auto-approve

Referências

  1. Deploy and configure Google Compute Engine VMs with Terraform
  2. google_compute_subnetwork
wikiv1/lession_terraform_gcp_dual_stack.txt · Last modified: by 127.0.0.1