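// Please update "credentials" and "project" under provider block.
// Also change the extension from txt to tf

// ############################ Block for Provider Details ########################################
// Configure the Google Cloud provider.
// NOTE(review): the JSON key referenced below is a long-lived service-account
// secret. Keep it out of version control and give the account only the roles
// this configuration needs (Compute instance and firewall management).
provider "google" {
  credentials = "GCP_ServiceAcc_Keys/-7a7ec1d7d7b3.json" // location of JSON credential file
  project     = "project id"
  region      = "us-central1"
}
// ############################ Block for Provider Details Ends ###################################

// Terraform plugin for creating random ids (used as the instance-name suffix)
resource "random_id" "instance_id" {
  byte_length = 8
}

// ############################ Block for Instance Creation #######################################
// A single Google Compute Engine instance that runs Jenkins, SonarQube and ELK
// as Docker containers. It carries the "web" tag, which is what the firewall
// rule at the bottom of this file targets.
resource "google_compute_instance" "default" {
  name         = "jenkins-${random_id.instance_id.hex}"
  machine_type = "n1-standard-2"
  zone         = "us-central1-a"
  tags         = ["web"]

  boot_disk {
    initialize_params {
      // NOTE(review): Debian 9 (stretch) no longer receives security updates;
      // moving to a supported image also means updating the "stretch" Docker
      // repository line and the python-pip package in the startup script.
      image = "debian-cloud/debian-9"
    }
  }

  // Startup script: updates the VM, installs Docker, starts Jenkins (Blue Ocean),
  // installs kubectl, drops Jenkins plugins into the Jenkins volume, then starts
  // SonarQube and ELK.
  //
  // Changes from the original one-line string:
  //   * written as a heredoc, because a quoted string may not span lines;
  //   * "sudo -i" and "newgrp docker" removed: each only spawns a child shell
  //     and cannot change the user or group of the commands that follow (the
  //     startup script already runs as root);
  //   * Jenkins plugins are fetched over HTTPS instead of plain HTTP.
  //
  // NOTE(review), not changed here:
  //   * The Jenkins container runs as root with /var/run/docker.sock mounted,
  //     so anyone who can run a job or reach an unconfigured Jenkins on 8080
  //     effectively controls the Docker daemon on this VM.
  //   * kubectl and the .hpi plugins are installed without checksum or
  //     signature verification; compare them with the published checksums.
  //   * Container images are pulled by floating tag; pin a version or digest.
  //   * Commands run without "set -e", so a failed step does not stop the rest.
  metadata_startup_script = <<-EOT
    #!/bin/bash
    whoami
    echo 'jeveen'
    apt-get update
    apt-get install -yq build-essential python-pip rsync
    apt-get install -yq default-jdk-headless
    apt-get -yq install apt-transport-https ca-certificates curl gnupg2 software-properties-common
    curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
    add-apt-repository 'deb [arch=amd64] https://download.docker.com/linux/debian stretch stable'
    apt-get update
    apt-get install -yq docker-ce docker-ce-cli containerd.io
    docker run hello-world
    docker pull jenkinsci/blueocean
    groupadd docker
    usermod -aG docker jenkins
    docker network create jenkins
    docker volume create jenkins-docker-certs
    docker volume create jenkins-data
    docker run -u root --rm -d -p 8080:8080 -p 50000:50000 -v jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean
    curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
    chmod +x ./kubectl
    sudo mv ./kubectl /usr/local/bin/kubectl
    wget -P /var/lib/docker/volumes/jenkins-data/_data/plugins https://updates.jenkins-ci.org/download/plugins/oauth-credentials/0.4/oauth-credentials.hpi
    wget -P /var/lib/docker/volumes/jenkins-data/_data/plugins https://updates.jenkins-ci.org/download/plugins/google-oauth-plugin/1.0.0/google-oauth-plugin.hpi
    wget -P /var/lib/docker/volumes/jenkins-data/_data/plugins https://updates.jenkins-ci.org/download/plugins/google-kubernetes-engine/0.8.0/google-kubernetes-engine.hpi
    wget -P /var/lib/docker/volumes/jenkins-data/_data/plugins https://updates.jenkins-ci.org/download/plugins/logstash/2.3.1/logstash.hpi
    wget -P /var/lib/docker/volumes/jenkins-data/_data/plugins https://updates.jenkins-ci.org/download/plugins/sonar/2.11/sonar.hpi
    sysctl -w vm.max_map_count=262144
    docker pull sonarqube
    docker run -d --name sonarqube -p 9000:9000 sonarqube
    docker pull sebp/elk
    sleep 30
    docker run -d -p 5601:5601 -p 9200:9200 -p 5044:5044 -p 9300:9300 -it --name elk sebp/elk
  EOT

  network_interface {
    network = "default"

    access_config {
      // Include this section to give the VM an external ip address
    }
  }

  // To add ssh key (public key for user "nttuser", read from the local machine)
  metadata = {
    ssh-keys = "nttuser:${file("D:/GCP/ssh keys/CloudLab/nttuser_pub.pub")}"
  }
}
// ############################ Block for Instance Creation Ends ##################################

// ################# Block for Printing value in Terraform output ##################################
// Output exposing the external (NAT) ip of the instance
output "Virtual_Machine_ip" {
  value = "${google_compute_instance.default.network_interface.0.access_config.0.nat_ip}"
}
// ################# Block for Printing value in Terraform output Ends #############################

// ####################### Block for Firewall Rule ################################################
// Source CIDR ranges allowed through the firewall rule below. The default keeps
// the original behaviour (any address); override it with the office/VPN ranges
// that actually need access, e.g. -var 'allowed_source_ranges=["<YOUR_CIDR>"]'.
variable "allowed_source_ranges" {
  description = "CIDR ranges allowed to reach the instance on the ports opened by test-firewall"
  default     = ["0.0.0.0/0"]
}

// Creating a firewall rule for instances tagged "web".
// NOTE(review): with the default source range this rule exposes Jenkins (8080),
// SonarQube (9000), Kibana (5601), Elasticsearch (9200, 9300) and port 5044 to
// the whole internet, and the startup script configures neither authentication
// nor TLS for any of them. Nothing the startup script starts publishes ports
// 80, 443 or 1000-4000; drop them unless something else needs them.
resource "google_compute_firewall" "default" {
  name          = "test-firewall"
  network       = "default"
  source_ranges = "${var.allowed_source_ranges}"

  allow {
    protocol = "icmp"
  }

  allow {
    protocol = "tcp"
    ports    = ["80", "8080", "1000-4000", "443", "5044", "5601", "9000", "9200", "9300"]
  }

  target_tags = ["web"]
  //source_tags = ["web"]
}

//resource "google_compute_network" "default" {
//  name = "web-network"
//}
//########################## Block for Firewall Rule Ends #############################################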