
I’m using the following Terraform code to expose an HTTP server application running on port 80.
After applying the Terraform configuration, when I try to curl or access the public IP I get a connection timed out error.
If I curl localhost it works fine, so the problem is the configuration. Am I missing any configuration?

// Google Cloud provider, authenticated with a service-account key file on disk.
// NOTE(review): a JSON key is a long-lived credential; keep it out of version
// control and prefer Application Default Credentials where that is possible.
provider "google" {
  region      = "us-west1"
  project     = "xxxx-xxxx"
  credentials = file("xxxxxx-13a189a9c1c7.json")
}


// Generates an 8-byte random value; its hex form is used as the suffix of the
// instance name.
resource "random_id" "instance_id" {
  byte_length = 8
}

// One Compute Engine VM, attached to the "default" network with an external IP.
resource "google_compute_instance" "default" {
  name         = "bkps-314318-${random_id.instance_id.hex}"
  zone         = "us-west1-a"
  machine_type = "f1-micro"

  // Network tags; a firewall rule selects this VM through them via target_tags.
  tags = ["web", "http-server"]

  boot_disk {
    initialize_params {
      // NOTE(review): Debian 9 is past end-of-life and no longer receives
      // security updates; confirm whether a supported image family can be used.
      image = "debian-cloud/debian-9"
    }
  }

  // Public SSH key for user "joao", installed through instance metadata.
  metadata = {
    ssh-keys = "joao:${file("/home/gc/projetos/gcp/terraform/joaossh.pub")}"
  }

  // Boot-time script read from startup.sh next to this configuration. Its text
  // is stored in instance metadata, so it should not contain secrets.
  metadata_startup_script = file("${path.module}/startup.sh")

  network_interface {
    // NOTE(review): firewall rules apply per network, so a rule has to be
    // attached to this same network ("default") to affect the VM.
    network = "default"

    // An empty access_config block gives the VM an ephemeral external IP.
    access_config {
    }
  }
}

// External (NAT) IP address of the instance, exposed as an output value.
output "ip" {
  value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
}



// Ingress rule intended to open the web ports.
// NOTE(review): this rule is attached to google_compute_network.default
// ("test-network"), while the instance uses network = "default". Firewall rules
// only apply inside their own network, so this rule does not cover the VM.
resource "google_compute_firewall" "allow-http" {
  name    = "http-firewall"
  network = google_compute_network.default.name

  allow {
    protocol = "tcp"
    // NOTE(review): only port 80 is described as in use; 1000-4000 from any
    // address is far wider than an HTTP server needs.
    ports = ["80", "443", "8080", "1000-4000"]
  }

  // Both source_* attributes describe where traffic comes from. Choosing which
  // instances the rule applies to is done with target_tags, which is absent here.
  source_ranges = ["0.0.0.0/0"]
  source_tags   = ["web"]
}

// A separate VPC network named "test-network". The instance in this
// configuration is attached to the network named "default", not to this one.
resource "google_compute_network" "default" {
  name = "test-network"
}


2

Answers


  1. Chosen as BEST ANSWER

    I managed to get it working. The final code is:

    
    // Google Cloud provider, authenticated with a service-account key file on disk.
    // NOTE(review): a JSON key is a long-lived credential; keep it out of version
    // control and prefer Application Default Credentials where that is possible.
    provider "google" {
      region      = "us-west1"
      project     = "xxxxx14318"
      credentials = file("xxxxx-13a189a9c1c7.json")
    }
    
    
    // Generates an 8-byte random value; its hex form is used as the suffix of the
    // instance name.
    resource "random_id" "instance_id" {
      byte_length = 8
    }
    
    // One Compute Engine VM, attached to the "default" network with an external IP.
    resource "google_compute_instance" "default" {
      name         = "xxxxx-${random_id.instance_id.hex}"
      zone         = "us-west1-a"
      machine_type = "f1-micro"

      // Network tags; the firewall rule's target_tags = ["web"] selects this VM.
      tags = ["web", "http-server"]

      boot_disk {
        initialize_params {
          // NOTE(review): Debian 9 is past end-of-life and no longer receives
          // security updates; confirm whether a supported image family can be used.
          image = "debian-cloud/debian-9"
        }
      }

      // Public SSH key for user "joao", installed through instance metadata.
      metadata = {
        ssh-keys = "joao:${file("/home/joao/projetos/gcp/terraform/joaossh.pub")}"
      }

      // Boot-time script read from startup.sh next to this configuration. Its text
      // is stored in instance metadata, so it should not contain secrets.
      // Earlier inline variant, kept for reference (installs flask on new instances):
      //metadata_startup_script = "sudo apt-get update; sudo apt-get install -yq build-essential python-pip rsync; pip install flask"
      metadata_startup_script = file("${path.module}/startup.sh")

      network_interface {
        // Same network the firewall rule is attached to, so the rule applies here.
        network = "default"

        // An empty access_config block gives the VM an ephemeral external IP.
        access_config {
        }
      }
    }
    
    // External (NAT) IP address of the instance, exposed as an output value.
    output "ip" {
      value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
    }
    
    
    // Ingress rule on the "default" network (the network the instance uses),
    // applied to instances that carry the "web" network tag.
    resource "google_compute_firewall" "default" {
      name    = "web-firewall"
      network = "default"

      // Traffic is accepted from any IPv4 address and only reaches instances
      // tagged "web".
      source_ranges = ["0.0.0.0/0"]
      target_tags   = ["web"]

      allow {
        protocol = "tcp"
        // NOTE(review): the question describes a single HTTP server on port 80.
        // The 1000-4000 range exposes any other listener on tagged instances to
        // the whole internet; narrow this list to the ports actually served.
        ports = ["80", "443", "8080", "1000-4000"]
      }

      // Also permits ICMP (e.g. ping) from any address.
      allow {
        protocol = "icmp"
      }
    }
    
    

  2. In the resource section

    resource "google_compute_firewall" "allow-http" {
    

    You defined which instances to attach the firewall rule using:

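    // source_tags matches the network tag of the instance *sending* the traffic;
    // the instances a rule applies to are selected with target_tags instead.
    source_tags = ["web"]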
    

    SOLUTION:

    In the resource section

    resource "google_compute_instance" "default" {
    

    Add the following line:

    tags = ["web"]
    