Terraform with Google Cloud

private cloud architecture
root_folder → workspaces            → modules
module "core_vpc" {
  source  = "../modules/vpc"
  name    = "core-vpc-dev"
  project = var.project
  env     = var.env
  region  = var.region
}

module "cloud_bastion" {
  source           = "../modules/bastion"
  name             = "bastion-vm"
  project          = var.project
  env              = var.env
  region           = var.region
  zone             = "${var.region}-c"
  vpc_self_link    = module.core_vpc.vpc_self_link
  subnet_self_link = module.core_vpc.subnet_external_self_link
  members          = ["myemail@myemail.com"]
}

resource "google_compute_network" "vpc" {
  name                    = var.name
  project                 = var.project
  routing_mode            = "REGIONAL"
  auto_create_subnetworks = false
}

output "vpc_self_link" {
  value = google_compute_network.vpc.self_link
}

output "subnet_external_self_link" {
  value = google_compute_subnetwork.external.self_link
}

terraform {
  backend "gcs" {
    bucket = "for-my-project"
    prefix = "<project_name>/state"
  }
}

module "iap_bastion" {
  source                     = "terraform-google-modules/bastion-host/google"
  version                    = "2.9.0"
  project                    = var.project
  zone                       = var.zone
  network                    = var.vpc_self_link
  subnet                     = var.subnet_self_link
  members                    = var.members
  name                       = var.name
  service_account_name       = "bastion-vm"
  fw_name_allow_ssh_from_iap = "allow-ssh-to-tunnel"
}

│ Error: Unsupported attribute

│ on main.tf line 46, in module “<project_name>”:
│ 46: k8s_cluster_name = data.terraform_remote_state.compute.outputs.k8s_cluster_name
│ ├────────────────
│ │ data.terraform_remote_state.compute.outputs is object with 5 attributes

│ This object does not have an attribute named “k8s_cluster_name”.

Error: Invalid count argument
on .terraform/modules/k8s_online_cluster.gke.gcloud_delete_default_kube_dns_configmap/main.tf line 63, in resource “null_resource” “module_depends_on”:
63: count = length(var.module_depends_on) > 0 ? 1 : 0
The “count” value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use the -target argument to first apply only the resources that the count depends on.

$ gcloud compute ssh bastion-vm
External IP address was not found; defaulting to using IAP tunneling.
ERROR: (gcloud.compute.start-iap-tunnel) Error while connecting [4003: 'failed to connect to backend']. (Failed to connect to port 22)
kex_exchange_identification: Connection closed by remote host
IAM permissions assigned to user
bastion VM boot error
gcloud config set project <project_name>
gcloud container clusters get-credentials <cluster-name>

- cluster:
    certificate-authority-data: LS0tLS1....tLS0tCg==
    server: https://kubernetes:8543
  name: gke_<project-name>_<region>_<cluster-name>

gcloud compute ssh bastion-vm -- -L 8543:<ip_addr_of_cluster>:443
kubectl -n <namespace> get pods

module "iap_bastion" {
  # ...
  startup_script = data.template_file.startup_script.rendered
}

data "template_file" "startup_script" {
  template = <<EOF
sudo ufw allow 22/tcp
# ...
EOF

  vars = {
    cluster_zone = var.zone
    project      = var.project
  }
}

│ Error: googleapi: Error 409: Already exists: projects/airasia-coeblockchain-stg/locations/asia-southeast1/clusters/k8s-default-stg., alreadyExists

│ with module.k8s_default_cluster.module.gke.google_container_cluster.primary,
│ on .terraform/modules/k8s_default_cluster.gke/modules/private-cluster/cluster.tf line 22, in resource “google_container_cluster” “primary”:
│ 22: resource “google_container_cluster” “primary” {





Victor Yeo



